GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,565
Composer 4,201
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,930

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

368 advisories

Filter by severity

Sort by

Least recently updated

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code... Critical Unreviewed

CVE-2022-30778 was published May 17, 2022

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads... Critical Unreviewed

CVE-2017-17672 was published May 14, 2022

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain... Critical Unreviewed

CVE-2016-7124 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3... Critical Unreviewed

CVE-2017-5792 was published May 14, 2022

VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3)... Critical Unreviewed

CVE-2017-4947 was published May 14, 2022

A remote code execution vulnerability in HPE Operations Orchestration Community edition and... Critical Unreviewed

CVE-2016-8519 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12558 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12556 was published May 14, 2022

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center ... Critical Unreviewed

CVE-2017-5790 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java... Critical Unreviewed

CVE-2016-8511 was published May 14, 2022

The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by... Critical Unreviewed

CVE-2015-2020 was published May 14, 2022

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was... Critical Unreviewed

CVE-2017-12149 was published May 14, 2022

An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function... Critical Unreviewed

CVE-2016-6620 was published May 14, 2022

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in... Critical Unreviewed

CVE-2017-10934 was published May 14, 2022

PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via... Critical Unreviewed

CVE-2014-8731 was published May 14, 2022

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote... Critical Unreviewed

CVE-2016-0779 was published May 14, 2022

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly... Critical Unreviewed

CVE-2017-9844 was published May 14, 2022

MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that... Critical Unreviewed

CVE-2018-1000824 was published May 14, 2022

Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter... Critical Unreviewed

CVE-2018-1000827 was published May 14, 2022

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter... Critical Unreviewed

CVE-2018-1000833 was published May 14, 2022

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2018-20732 was published May 14, 2022

There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute... Critical Unreviewed

CVE-2019-6503 was published May 14, 2022

The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows... Critical Unreviewed

CVE-2018-9843 was published May 14, 2022

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection... Critical Unreviewed

CVE-2018-20148 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12557 was published May 14, 2022

Previous 1 2 … 10 11 12 13 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

368 advisories