Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,002 advisories

Loading
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2020-27868 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26915 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26914 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26912 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26913 was published May 24, 2022
The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message... Critical Unreviewed
CVE-2021-25274 was published May 24, 2022
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace... Critical Unreviewed
CVE-2021-25758 was published May 24, 2022
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA... Critical Unreviewed
CVE-2021-3160 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2020-4682 was published May 24, 2022
IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker... High Unreviewed
CVE-2020-4888 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** IBM InfoSphere Information Server 8.5.0.0 is affected by... Critical Unreviewed
CVE-2020-27583 was published May 24, 2022
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x... High Unreviewed
CVE-2020-12525 was published May 24, 2022
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote... Critical Unreviewed
CVE-2021-25294 was published May 24, 2022
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command... Critical Unreviewed
CVE-2020-24639 was published May 24, 2022
Improper handling of REST API XML deserialization errors in Jenkins High
CVE-2021-21604 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
ThinkAdmin insecure unserialize vulnerability Critical
CVE-2020-23653 was published for zoujingli/thinkadmin (Composer) May 24, 2022
AnonySE26
Credited to AnonySE26
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows... High Unreviewed
CVE-2020-8884 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed
CVE-2020-10655 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed
CVE-2020-10656 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... High Unreviewed
CVE-2020-10657 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed
CVE-2020-10658 was published May 24, 2022
The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote... High Unreviewed
CVE-2020-35488 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... High Unreviewed
CVE-2019-4728 was published May 24, 2022
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress... High Unreviewed
CVE-2020-35939 was published May 24, 2022
Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated... High Unreviewed
CVE-2020-35932 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database