GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,002 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager... High Unreviewed

CVE-2021-21864 was published May 24, 2022

IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the... Critical Unreviewed

CVE-2021-29781 was published May 24, 2022

Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the... High Unreviewed

CVE-2021-36766 was published May 24, 2022

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7... Critical Unreviewed

CVE-2020-5341 was published May 24, 2022

ForgeRock AM server 6.x before 7, and OpenAM 14.6.3, has a Java deserialization vulnerability in... Critical Unreviewed

CVE-2021-35464 was published May 24, 2022

A CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause code execution... High Unreviewed

CVE-2021-22777 was published May 24, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed

CVE-2021-34520 was published May 24, 2022

A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager... High Unreviewed

CVE-2021-29150 was published May 24, 2022

The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for... Critical Unreviewed

CVE-2021-24384 was published May 24, 2022

Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507... Critical Unreviewed

CVE-2021-35971 was published May 24, 2022

There is a deserialization vulnerability in Huawei AnyOffice V200R006C10. An attacker can... High Unreviewed

CVE-2021-22439 was published May 24, 2022

JFinal Java Deserialization Vulnerability Critical

CVE-2021-31649 was published for com.jfinal:jfinal (Maven) May 24, 2022

Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with... Moderate Unreviewed

CVE-2021-34394 was published May 24, 2022

Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though... Moderate Unreviewed

CVE-2021-34393 was published May 24, 2022

** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a... High Unreviewed

CVE-2021-35196 was published May 24, 2022

A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to... Critical Unreviewed

CVE-2020-9493 was published May 24, 2022

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed

CVE-2021-3040 was published May 24, 2022

In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories... High Unreviewed

CVE-2021-33898 was published May 24, 2022

The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it... Critical Unreviewed

CVE-2021-33806 was published May 24, 2022

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8... High Unreviewed

CVE-2021-23895 was published May 24, 2022

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8... Critical Unreviewed

CVE-2021-23894 was published May 24, 2022

Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an... Critical Unreviewed

CVE-2021-27852 was published May 24, 2022

Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization. Critical Unreviewed

CVE-2021-32075 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed

CVE-2021-31474 was published May 24, 2022

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such... High Unreviewed

CVE-2021-24280 was published May 24, 2022

Previous 1…54…81 Next

Previous 1 2 … 52 53 54 55 56 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,002 advisories