GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,148

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,007 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... High Unreviewed

CVE-2019-4728 was published May 24, 2022

A accessmgrservlet classname deserialization of untrusted data remote code execution... Critical Unreviewed

CVE-2020-24648 was published May 24, 2022

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x... High Unreviewed

CVE-2020-12525 was published May 24, 2022

IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker... High Unreviewed

CVE-2020-4888 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace... Critical Unreviewed

CVE-2021-25758 was published May 24, 2022

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated... High Unreviewed

CVE-2020-35932 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26912 was published May 24, 2022

There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command... Critical Unreviewed

CVE-2020-24639 was published May 24, 2022

OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote... Critical Unreviewed

CVE-2021-25294 was published May 24, 2022

IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2020-4682 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26913 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26915 was published May 24, 2022

NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed

CVE-2021-26914 was published May 24, 2022

The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on... Critical Unreviewed

CVE-2022-29063 was published Sep 3, 2022

Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all... High Unreviewed

CVE-2020-9301 was published May 24, 2022

config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because... Critical Unreviewed

CVE-2021-27213 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed

CVE-2020-27868 was published May 24, 2022

KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code... Critical Unreviewed

CVE-2021-27335 was published May 24, 2022

The specific function of HR Portal of Soar Cloud System accepts any type of object to be... Critical Unreviewed

CVE-2021-22855 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1413 was published May 24, 2022

The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29047 was published May 24, 2022

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress... High Unreviewed

CVE-2020-35939 was published May 24, 2022

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed

CVE-2021-20076 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... High Unreviewed

CVE-2020-10657 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed

CVE-2020-10658 was published May 24, 2022

Previous 1…7…81 Next

Previous 1 2 … 5 6 7 8 9 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,007 advisories