Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,372 advisories

Loading
A deserialization vulnerability in a .NET framework class used and not properly checked by Safety... High Unreviewed
CVE-2022-27580 was published Jul 20, 2022
A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi... High Unreviewed
CVE-2022-27579 was published Jul 20, 2022
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. Critical Unreviewed
CVE-2021-41419 was published Jul 19, 2022
The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2022-2444 was published Jul 19, 2022
The Feed Them Social – for Twitter feed, Youtube and more plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2022-2437 was published Jul 19, 2022
An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an... High Unreviewed
CVE-2022-30981 was published Jul 18, 2022
kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because... Critical Unreviewed
CVE-2022-35857 was published Jul 14, 2022
An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local... High Unreviewed
CVE-2021-36665 was published Jul 13, 2022
In the keystore library, there is a possible prevention of access to system Settings due to... Moderate Unreviewed
CVE-2022-20195 was published Jun 16, 2022
SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the... Low Unreviewed
CVE-2022-29615 was published Jun 15, 2022
The affected products are vulnerable of untrusted data due to deserialization without prior... Critical Unreviewed
CVE-2022-1660 was published Jun 3, 2022
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C... Critical Unreviewed
CVE-2022-29875 was published Jun 2, 2022
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with... Moderate Unreviewed
CVE-2021-21488 was published May 24, 2022
The All in One SEO – Best WordPress SEO Plugin – Easily Improve Your SEO Rankings before 4.1.0.2... High Unreviewed
CVE-2021-24307 was published May 24, 2022
Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to... High Unreviewed
CVE-2021-26558 was published May 24, 2022
Rails is bad High Unreviewed
CVE-2021-26857 was published May 24, 2022
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator... High Unreviewed
CVE-2019-12868 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-34992 was published May 24, 2022
Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure... Critical Unreviewed
CVE-2021-42237 was published May 24, 2022
Project files are stored memory objects in the form of binary serialized data that can later be... High Unreviewed
CVE-2021-42698 was published May 24, 2022
Zoom Call Recording 6.3.1 from ZOOM International is vulnerable to Java Deserialization attacks... Critical Unreviewed
CVE-2019-19810 was published May 24, 2022
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure... High Unreviewed
CVE-2021-35227 was published May 24, 2022
Adobe Connect version 11.2.2 (and earlier) is affected by a Deserialization of Untrusted Data... Critical Unreviewed
CVE-2021-40719 was published May 24, 2022
Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection... High Unreviewed
CVE-2021-39321 was published May 24, 2022
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in... High Unreviewed
CVE-2021-40843 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database