GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,076
Erlang: 29
GitHub Actions: 19
Go: 1,895
Maven: 5,000+
npm: 3,630
NuGet: 638
pip: 3,244
Pub: 10
RubyGems: 862
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
387 advisories
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via...
High | Unreviewed | CVE-2019-11080 was published May 24, 2022

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High | Unreviewed | CVE-2019-5350 was published May 24, 2022

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High | Unreviewed | CVE-2019-11956 was published May 24, 2022

A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High | Unreviewed | CVE-2019-11950 was published May 24, 2022

Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an...
High | Unreviewed | CVE-2019-9875 was published May 24, 2022

Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
High | Unreviewed | CVE-2017-18375 was published May 24, 2022

e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php...
High | Unreviewed | CVE-2016-10753 was published May 24, 2022

** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a...
High | Unreviewed | CVE-2021-35196 was published May 24, 2022

compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates...
High | Unreviewed | CVE-2020-14933 was published May 24, 2022

** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its...
High | Unreviewed | CVE-2018-18013 was published May 14, 2022

Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension. This...
High | Unreviewed | CVE-2023-23649 was published Mar 28, 2024

Deserialization of Untrusted Data vulnerability in GiveWP. This issue affects GiveWP: from n/a...
High | Unreviewed | CVE-2024-30229 was published Mar 28, 2024

Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For...
High | Unreviewed | CVE-2024-30230 was published Mar 28, 2024

Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember. This issue affects...
High | Unreviewed | CVE-2024-30222 was published Mar 28, 2024

Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation,...
High | Unreviewed | CVE-2024-24842 was published Mar 27, 2024

Deserialization of Untrusted Data vulnerability in WPEverest User Registration. This issue affects...
High | Unreviewed | CVE-2023-27459 was published Mar 26, 2024

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High | Unreviewed | CVE-2024-1856 was published Mar 20, 2024

Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social...
High | Unreviewed | CVE-2024-2721 was published Mar 20, 2024

In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High | Unreviewed | CVE-2024-1801 was published Mar 20, 2024

Deserialization of Untrusted Data vulnerability in Themefic Tourfic. This issue affects Tourfic:...
High | Unreviewed | CVE-2024-29136 was published Mar 19, 2024

CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause remote code...
High | Unreviewed | CVE-2024-2229 was published Mar 18, 2024

Spitfire CMS 1.0.475 is vulnerable to PHP Object Injection.
High | Unreviewed | CVE-2022-47083 was published Jan 10, 2023

The SolarWinds Security Event Manager was susceptible to Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2024-0692 was published Mar 1, 2024

A remote code execution vulnerability exists in Microsoft Exchange software when the software...
High | Unreviewed | CVE-2020-0688 was published May 24, 2022

SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution...
High | Unreviewed | CVE-2024-23478 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API.