GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
2,002 advisories
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload...
Critical, Unreviewed. CVE-2025-42999 was published May 13, 2025.

A deserialization of untrusted data vulnerability with a malicious payload can allow an...
Critical, Unreviewed. CVE-2024-40711 was published Sep 7, 2024.

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is...
High, Unreviewed. CVE-2024-4978 was published May 23, 2024.

Microsoft SharePoint Remote Code Execution Vulnerability
High, Unreviewed. CVE-2024-38094 was published Jul 9, 2024.

, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE...
High, Unreviewed. CVE-2020-17144 was published May 24, 2022.

Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain (component: Export). The...
High, Unreviewed. CVE-2024-20953 was published Feb 17, 2024.

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated...
High, Unreviewed. CVE-2020-5741 was published May 24, 2022.

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it...
Moderate, Unreviewed. CVE-2020-0618 was published May 24, 2022.

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical, Unreviewed. CVE-2023-43208 was published Oct 26, 2023.

Zoho ManageEngine Desktop Central 10 allows remote code execution because of deserialization of...
High, Unreviewed. CVE-2020-10189 was published May 24, 2022.

A remote code execution vulnerability exists in Microsoft Exchange software when the software...
High, Unreviewed. CVE-2020-0688 was published May 24, 2022.

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching...
High, Unreviewed. CVE-2020-2555 was published May 24, 2022.

Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization...
High, Unreviewed. CVE-2019-18935 was published May 24, 2022.

In WS_FTP Server version 8.7.0 prior to 8.7.4 and version 8.8.0 prior to 8.8.2, a pre...
High, Unreviewed. CVE-2023-40044 was published Sep 27, 2023.

Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6...
Critical, Unreviewed. CVE-2019-0344 was published May 24, 2022.

IBM Aspera Faspex 4.4.1 could allow a remote attacker to execute arbitrary code on the system,...
Critical, Unreviewed. CVE-2022-47986 was published Feb 17, 2023.

An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10...
Critical, Unreviewed. CVE-2019-10068 was published May 13, 2022.

Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording...
Critical, Unreviewed. CVE-2022-31199 was published Nov 8, 2022.

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to...
High, Unreviewed. CVE-2018-0824 was published May 14, 2022.

Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have...
Critical, Unreviewed. CVE-2018-4939 was published May 13, 2022.

Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to...
Critical, Unreviewed. CVE-2022-35405 was published Jul 20, 2022.

A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to...
Critical, Unreviewed. CVE-2018-0147 was published May 13, 2022.

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was...
Critical, Unreviewed. CVE-2017-12149 was published May 14, 2022.

ForgeRock AM server 6.x before 7, and OpenAM 14.6.3, has a Java deserialization vulnerability in...
Critical, Unreviewed. CVE-2021-35464 was published May 24, 2022.

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an...
Critical, Unreviewed. CVE-2021-27852 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.