Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,006 advisories

Loading
Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization. Critical Unreviewed
CVE-2021-32075 was published May 24, 2022
Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA... Critical Unreviewed
CVE-2021-3160 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1414 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed
CVE-2021-25152 was published May 24, 2022
Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can... Critical Unreviewed
CVE-2021-29200 was published May 24, 2022
AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database... High Unreviewed
CVE-2021-29654 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... High Unreviewed
CVE-2020-10657 was published May 24, 2022
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed
CVE-2020-10658 was published May 24, 2022
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed
CVE-2021-20076 was published May 24, 2022
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress... High Unreviewed
CVE-2020-35939 was published May 24, 2022
The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute... Critical Unreviewed
CVE-2020-29047 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1413 was published May 24, 2022
The specific function of HR Portal of Soar Cloud System accepts any type of object to be... Critical Unreviewed
CVE-2021-22855 was published May 24, 2022
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code... Critical Unreviewed
CVE-2021-27335 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed
CVE-2020-27868 was published May 24, 2022
config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because... Critical Unreviewed
CVE-2021-27213 was published May 24, 2022
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all... High Unreviewed
CVE-2020-9301 was published May 24, 2022
The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on... Critical Unreviewed
CVE-2022-29063 was published Sep 3, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26913 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26915 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26914 was published May 24, 2022
IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2020-4682 was published May 24, 2022
OpenCATS through 0.9.5-3 unsafely deserializes index.php?m=activity requests, leading to remote... Critical Unreviewed
CVE-2021-25294 was published May 24, 2022
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command... Critical Unreviewed
CVE-2020-24639 was published May 24, 2022
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to... Critical Unreviewed
CVE-2021-26912 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database