GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,032

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,007 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in... High Unreviewed

CVE-2021-35216 was published May 24, 2022

mrdoc is vulnerable to Deserialization of Untrusted Data High Unreviewed

CVE-2021-32568 was published May 24, 2022

The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user... High Unreviewed

CVE-2021-24579 was published May 24, 2022

Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform... High Unreviewed

CVE-2021-35215 was published May 24, 2022

An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml... Critical Unreviewed

CVE-2021-34066 was published May 24, 2022

Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows... High Unreviewed

CVE-2021-36231 was published May 24, 2022

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation... High Unreviewed

CVE-2021-21869 was published May 24, 2022

An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment... High Unreviewed

CVE-2022-36119 was published Aug 26, 2022

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream... High Unreviewed

CVE-2021-21867 was published May 24, 2022

A unsafe deserialization vulnerability exists in the ObjectManager.plugin Project... High Unreviewed

CVE-2021-21868 was published May 24, 2022

The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). High Unreviewed

CVE-2021-38585 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed

CVE-2022-28684 was published Aug 4, 2022

In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. Critical Unreviewed

CVE-2021-37544 was published May 24, 2022

A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile()... High Unreviewed

CVE-2021-21863 was published May 24, 2022

DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure... Critical Unreviewed

CVE-2021-36483 was published May 24, 2022

A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager... High Unreviewed

CVE-2021-21864 was published May 24, 2022

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7... Critical Unreviewed

CVE-2020-5341 was published May 24, 2022

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation... High Unreviewed

CVE-2021-21866 was published May 24, 2022

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods... High Unreviewed

CVE-2021-21865 was published May 24, 2022

Deserialization of Untrusted Data in org.jboss.resteasy:resteasy-yaml-provider High

CVE-2018-1051 was published for org.jboss.resteasy:resteasy-yaml-provider (Maven) May 13, 2022

IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the... Critical Unreviewed

CVE-2021-29781 was published May 24, 2022

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java... Moderate Unreviewed

CVE-2020-2604 was published May 24, 2022

Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary... Critical Unreviewed

CVE-2021-38241 was published Dec 17, 2022

Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the... High Unreviewed

CVE-2021-36766 was published May 24, 2022

In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all... Moderate Unreviewed

CVE-2022-33947 was published Aug 5, 2022

Previous 1…72…81 Next

Previous 1 2 … 70 71 72 73 74 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,007 advisories