Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,001 advisories

Loading
ERS Data System 1.8.1.0 allows remote attackers to execute arbitrary code, related to "com... Critical Unreviewed
CVE-2017-14702 was published May 13, 2022
The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS... High Unreviewed
CVE-2010-4574 was published May 13, 2022
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting... High Unreviewed
CVE-2017-1000195 was published May 13, 2022
The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize... High Unreviewed
CVE-2010-3258 was published May 13, 2022
The AMF unmarshallers in Red5 Media Server before 1.0.8 do not restrict the classes for which it... Critical Unreviewed
CVE-2017-5878 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module DesignManager (in the files... High Unreviewed
CVE-2019-9055 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to... High Unreviewed
CVE-2019-9057 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action... High Unreviewed
CVE-2019-9061 was published May 13, 2022
An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class... High Unreviewed
CVE-2019-9056 was published May 13, 2022
Joomla! Object Injection Vulnerability Critical
CVE-2019-7743 was published for joomla/joomla-cms (Composer) May 13, 2022
Drupal Core Remote Code Execution Vulnerability High
CVE-2019-6340 was published for drupal/core (Composer) May 13, 2022
In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed... Critical Unreviewed
CVE-2018-20718 was published May 13, 2022
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus'... High Unreviewed
CVE-2018-18589 was published May 13, 2022
Pippo RCE Vulnerability Critical
CVE-2018-18240 was published for ro.pippo:pippo-core (Maven) May 13, 2022
An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize... High Unreviewed
CVE-2018-15576 was published May 13, 2022
CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call... Critical Unreviewed
CVE-2018-10085 was published May 13, 2022
YesWiki version <= cercopitheque beta 1 contains a PHP Object Injection vulnerability in... Critical Unreviewed
CVE-2018-1000641 was published May 13, 2022
openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request... Critical Unreviewed
CVE-2018-1000525 was published May 13, 2022
Froxlor PHP Object Injection vulnerability High
CVE-2018-1000527 was published for froxlor/froxlor (Composer) May 13, 2022
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form... Critical Unreviewed
CVE-2018-1000059 was published May 13, 2022
** DISPUTED ** The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2... High Unreviewed
CVE-2017-8804 was published May 13, 2022
Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote... Critical Unreviewed
CVE-2016-1114 was published May 13, 2022
Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10... Critical Unreviewed
CVE-2017-3066 was published May 13, 2022
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and... Critical Unreviewed
CVE-2017-11283 was published May 13, 2022
Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and... Critical Unreviewed
CVE-2017-11284 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database