GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,616

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,371 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An attacker who has already compromised the local system could use TinyWall Controller to gain... High Unreviewed

CVE-2019-19470 was published May 24, 2022

An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open... High Unreviewed

CVE-2019-19909 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 Application Server (All versions). An attacker... Critical Unreviewed

CVE-2019-18316 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The... High Unreviewed

CVE-2019-18283 was published May 24, 2022

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization... High Unreviewed

CVE-2019-18935 was published May 24, 2022

Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Java RMI Deserialization of... Critical Unreviewed

CVE-2019-18580 was published May 24, 2022

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series... High Unreviewed

CVE-2019-15271 was published May 24, 2022

The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3... Moderate Unreviewed

CVE-2019-18631 was published May 24, 2022

In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization could potentially allow... Critical Unreviewed

CVE-2019-18364 was published May 24, 2022

OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data... High Unreviewed

CVE-2019-18601 was published May 24, 2022

A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON... Critical Unreviewed

CVE-2019-12017 was published May 24, 2022

mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE... High Unreviewed

CVE-2019-17080 was published May 24, 2022

A vulnerability in the Java deserialization function used by Cisco Security Manager could allow... Critical Unreviewed

CVE-2019-12630 was published May 24, 2022

In JobStore, there is a mismatched serialization/deserialization for the "battery-not-low" job... Moderate Unreviewed

CVE-2019-9373 was published May 24, 2022

A vulnerability was discovered in BMC MyIT Digital Workplace DWP before 18.11. The DWP component... Critical Unreviewed

CVE-2019-16755 was published May 24, 2022

download.php in inoERP 4.15 allows SQL injection through insecure deserialization. Critical Unreviewed

CVE-2019-16894 was published May 24, 2022

Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30,... High Unreviewed

CVE-2019-11666 was published May 24, 2022

The java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is... Critical Unreviewed

CVE-2019-0189 was published May 24, 2022

The sitebuilder-dynamic-components plugin through 1.0 for WordPress has PHP object injection via... High Unreviewed

CVE-2017-18604 was published May 24, 2022

A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web... High Unreviewed

CVE-2019-5069 was published May 24, 2022

The formidable plugin before 4.02.01 for WordPress has unsafe deserialization. Critical Unreviewed

CVE-2019-15780 was published May 24, 2022

The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection. Critical Unreviewed

CVE-2018-20987 was published May 24, 2022

The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. Critical Unreviewed

CVE-2018-20984 was published May 24, 2022

Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6... Critical Unreviewed

CVE-2019-0344 was published May 24, 2022

A flaw was found in the yaml.load() function in the osbs-client versions since 0.46 before 0.56.1... High Unreviewed

CVE-2019-10135 was published May 24, 2022

Previous 1…46…55 Next

Previous 1 2 … 44 45 46 47 48 … 54 55 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,371 advisories