Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

648 advisories

Loading
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-27240 was published May 24, 2022
In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories... High Unreviewed
CVE-2021-33898 was published May 24, 2022
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such... High Unreviewed
CVE-2021-24280 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed
CVE-2021-25151 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed
CVE-2021-25152 was published May 24, 2022
AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database... High Unreviewed
CVE-2021-29654 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... High Unreviewed
CVE-2020-10657 was published May 24, 2022
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed
CVE-2021-20076 was published May 24, 2022
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress... High Unreviewed
CVE-2020-35939 was published May 24, 2022
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all... High Unreviewed
CVE-2020-9301 was published May 24, 2022
Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated... High Unreviewed
CVE-2020-35932 was published May 24, 2022
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker... High Unreviewed
CVE-2020-4888 was published May 24, 2022
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x... High Unreviewed
CVE-2020-12525 was published May 24, 2022
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows... High Unreviewed
CVE-2020-8884 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... High Unreviewed
CVE-2019-4728 was published May 24, 2022
The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote... High Unreviewed
CVE-2020-35488 was published May 24, 2022
The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file,... High Unreviewed
CVE-2022-3417 was published Jan 10, 2023
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute... High Unreviewed
CVE-2020-4589 was published May 24, 2022
Apache Geode unsafe deserialization of application objects High
CVE-2017-15693 was published for org.apache.geode:geode-core (Maven) May 14, 2022
The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an... High Unreviewed
CVE-2022-3679 was published Jan 10, 2023
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to achieve... High Unreviewed
CVE-2020-14172 was published May 24, 2022
The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via... High Unreviewed
CVE-2022-4043 was published Jan 10, 2023
Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress. High Unreviewed
CVE-2022-45077 was published Nov 18, 2022
The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote... High Unreviewed
CVE-2020-12133 was published May 24, 2022
Deserialization of Untrusted Data in Gson High
CVE-2022-25647 was published for com.google.code.gson:gson (Maven) May 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database