GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,616

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,371 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed

CVE-2021-25152 was published May 24, 2022

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed

CVE-2021-25151 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can... Critical Unreviewed

CVE-2021-29200 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.07 version Critical Unreviewed

CVE-2021-30128 was published May 24, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2021-27277 was published May 24, 2022

Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a... Critical Unreviewed

CVE-2021-3287 was published May 24, 2022

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed

CVE-2021-3035 was published May 24, 2022

AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database... High Unreviewed

CVE-2021-29654 was published May 24, 2022

The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user... High Unreviewed

CVE-2021-24217 was published May 24, 2022

Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted... Critical Unreviewed

CVE-2021-21524 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1415 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1413 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1414 was published May 24, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2021-27240 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use... Critical Unreviewed

CVE-2021-26295 was published May 24, 2022

The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29045 was published May 24, 2022

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed

CVE-2021-20076 was published May 24, 2022

The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29047 was published May 24, 2022

Microsoft SharePoint Remote Code Execution Vulnerability High Unreviewed

CVE-2021-24066 was published May 24, 2022

KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code... Critical Unreviewed

CVE-2021-27335 was published May 24, 2022

The specific function of HR Portal of Soar Cloud System accepts any type of object to be... Critical Unreviewed

CVE-2021-22855 was published May 24, 2022

config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because... Critical Unreviewed

CVE-2021-27213 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed

CVE-2020-27868 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26915 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26914 was published May 24, 2022

Previous 1…43…55 Next

Previous 1 2 … 41 42 43 44 45 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,371 advisories