Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,002 advisories

Loading
In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization... High Unreviewed
CVE-2021-0685 was published May 24, 2022
An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File deletion can occur via PHAR... Critical Unreviewed
CVE-2021-40102 was published May 24, 2022
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary... High Unreviewed
CVE-2021-41588 was published May 24, 2022
The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute... Critical Unreviewed
CVE-2021-39392 was published May 24, 2022
A vulnerability has been identified in Cerberus DMS V4.0 (All versions), Cerberus DMS V4.1 (All... Critical Unreviewed
CVE-2021-37181 was published May 24, 2022
ZStack is open source IaaS(infrastructure as a service) software. In ZStack before versions 3.10... High Unreviewed
CVE-2021-32836 was published May 24, 2022
Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in... High Unreviewed
CVE-2021-35217 was published May 24, 2022
mrdoc is vulnerable to Deserialization of Untrusted Data High Unreviewed
CVE-2021-32568 was published May 24, 2022
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code... High Unreviewed
CVE-2021-35218 was published May 24, 2022
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform... High Unreviewed
CVE-2021-35215 was published May 24, 2022
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in... High Unreviewed
CVE-2021-35216 was published May 24, 2022
RCE vulnerability in Jenkins Code Coverage API Plugin High
CVE-2021-21677 was published for io.jenkins.plugins:code-coverage-api (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows... High Unreviewed
CVE-2021-36231 was published May 24, 2022
The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user... High Unreviewed
CVE-2021-24579 was published May 24, 2022
A conference management system of ZTE is impacted by a command execution vulnerability. Since the... Critical Unreviewed
CVE-2021-21741 was published May 24, 2022
An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml... Critical Unreviewed
CVE-2021-34066 was published May 24, 2022
An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation... High Unreviewed
CVE-2021-21869 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream... High Unreviewed
CVE-2021-21867 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin Project... High Unreviewed
CVE-2021-21868 was published May 24, 2022
The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). High Unreviewed
CVE-2021-38585 was published May 24, 2022
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. Critical Unreviewed
CVE-2021-37544 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile()... High Unreviewed
CVE-2021-21863 was published May 24, 2022
DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure... Critical Unreviewed
CVE-2021-36483 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation... High Unreviewed
CVE-2021-21866 was published May 24, 2022
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods... High Unreviewed
CVE-2021-21865 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database