GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,156

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,007 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+,... High Unreviewed

CVE-2018-7891 was published May 14, 2022

A remote code execution vulnerability was identified in HP Business Service Management (BSM)... High Unreviewed

CVE-2016-4405 was published May 14, 2022

There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8... High Unreviewed

CVE-2018-10654 was published May 14, 2022

PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via... Critical Unreviewed

CVE-2014-8731 was published May 14, 2022

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in... Critical Unreviewed

CVE-2017-10934 was published May 14, 2022

A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi... High Unreviewed

CVE-2016-4398 was published May 14, 2022

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote... Critical Unreviewed

CVE-2016-0779 was published May 14, 2022

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data,... High Unreviewed

CVE-2018-7889 was published May 14, 2022

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute... High Unreviewed

CVE-2018-14878 was published May 14, 2022

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security... High Unreviewed

CVE-2018-10513 was published May 14, 2022

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce... High Unreviewed

CVE-2018-15514 was published May 14, 2022

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:... Moderate Unreviewed

CVE-2020-2756 was published May 24, 2022

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:... Moderate Unreviewed

CVE-2020-2757 was published May 24, 2022

The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the... High Unreviewed

CVE-2018-15503 was published May 14, 2022

SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2018-20732 was published May 14, 2022

VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied... High Unreviewed

CVE-2018-18987 was published May 14, 2022

Deserialization of Untrusted Data in Apache Dubbo Moderate

CVE-2019-17564 was published for org.apache.dubbo:dubbo-rpc-http-invoker (Maven) May 24, 2022

MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that... Critical Unreviewed

CVE-2018-1000824 was published May 14, 2022

Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter... Critical Unreviewed

CVE-2018-1000827 was published May 14, 2022

The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows... Critical Unreviewed

CVE-2018-9843 was published May 14, 2022

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection... Critical Unreviewed

CVE-2018-20148 was published May 14, 2022

There is a deserialization vulnerability in Chatopera cosin v3.10.0. An attacker can execute... Critical Unreviewed

CVE-2019-6503 was published May 14, 2022

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter... Critical Unreviewed

CVE-2018-1000833 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12557 was published May 14, 2022

Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code... High Unreviewed

CVE-2018-20221 was published May 14, 2022

Previous 1…63…81 Next

Previous 1 2 … 61 62 63 64 65 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,007 advisories