GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,152

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,007 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ManageEngine Applications Manager 12 and 13 before build 13200, allows unserialization of unsafe... Critical Unreviewed

CVE-2016-9498 was published May 13, 2022

The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1... Critical Unreviewed

CVE-2017-3207 was published May 13, 2022

Hessian Lite for Apache Dubbo deserialization vulnerability Critical

CVE-2022-39198 was published for com.alibaba:hessian-lite (Maven) Oct 19, 2022

HTTPServerILServlet.java in JMS over HTTP Invocation Layer of the JbossMQ implementation, which... Critical Unreviewed

CVE-2017-7504 was published May 13, 2022

The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the... Critical Unreviewed

CVE-2016-9483 was published May 13, 2022

The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray... High Unreviewed

CVE-2016-0750 was published May 13, 2022

Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX... Moderate Unreviewed

CVE-2016-9585 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed

CVE-2017-17406 was published May 13, 2022

An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS... High Unreviewed

CVE-2022-22241 was published Oct 18, 2022

The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version... High Unreviewed

CVE-2017-3201 was published May 13, 2022

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach... High Unreviewed

CVE-2018-12539 was published May 13, 2022

IBM WebSphere Application Server Liberty OpenID Connect could allow a remote attacker to execute... Critical Unreviewed

CVE-2018-1851 was published May 13, 2022

A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated,... Critical Unreviewed

CVE-2018-15381 was published May 13, 2022

A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote,... Critical Unreviewed

CVE-2018-15616 was published May 13, 2022

Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15... Moderate Unreviewed

CVE-2022-3291 was published Oct 17, 2022

The wiki_decode Developer System Helper function in the admin panel in Kaltura before 13.2.0... High Unreviewed

CVE-2017-14141 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute... Critical Unreviewed

CVE-2018-1904 was published May 13, 2022

OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows... Critical Unreviewed

CVE-2018-19276 was published May 13, 2022

Buck parser-cache command loads/saves state using Java serialized object. If the state... Critical Unreviewed

CVE-2018-6331 was published May 13, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute... Critical Unreviewed

CVE-2018-1567 was published May 13, 2022

A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017... High Unreviewed

CVE-2018-7529 was published May 13, 2022

October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting... High Unreviewed

CVE-2017-1000195 was published May 13, 2022

The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize... High Unreviewed

CVE-2010-3258 was published May 13, 2022

The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it... Critical Unreviewed

CVE-2017-5878 was published May 13, 2022

The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS... High Unreviewed

CVE-2010-4574 was published May 13, 2022

Previous 1…65…81 Next

Previous 1 2 … 63 64 65 66 67 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,007 advisories