GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,015

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,006 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated... High Unreviewed

CVE-2020-35932 was published May 24, 2022

In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace... Critical Unreviewed

CVE-2021-25758 was published May 24, 2022

IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 could allow a remote attacker... High Unreviewed

CVE-2020-4888 was published May 24, 2022

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x... High Unreviewed

CVE-2020-12525 was published May 24, 2022

rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows... High Unreviewed

CVE-2020-8884 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,... High Unreviewed

CVE-2019-4728 was published May 24, 2022

A accessmgrservlet classname deserialization of untrusted data remote code execution... Critical Unreviewed

CVE-2020-24648 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed

CVE-2020-10655 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed

CVE-2020-10656 was published May 24, 2022

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote... High Unreviewed

CVE-2020-35488 was published May 24, 2022

Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security... Critical Unreviewed

CVE-2020-27131 was published May 24, 2022

Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote... Critical Unreviewed

CVE-2020-5664 was published May 24, 2022

Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by... Moderate Unreviewed

CVE-2020-10289 was published May 24, 2022

A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1... Critical Unreviewed

CVE-2022-29805 was published Aug 20, 2022

The WPtouch WordPress plugin before 4.3.45 unserialises the content of an imported settings file,... High Unreviewed

CVE-2022-3417 was published Jan 10, 2023

Apache Geode unsafe deserialization in TcpServer Critical

CVE-2017-15692 was published for org.apache.geode:geode-core (Maven) May 14, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute... High Unreviewed

CVE-2020-4589 was published May 24, 2022

Apache Geode unsafe deserialization of application objects High

CVE-2017-15693 was published for org.apache.geode:geode-core (Maven) May 14, 2022

The Starter Templates by Kadence WP WordPress plugin before 1.2.17 unserialises the content of an... High Unreviewed

CVE-2022-3679 was published Jan 10, 2023

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to achieve... High Unreviewed

CVE-2020-14172 was published May 24, 2022

The WP Custom Admin Interface WordPress plugin before 7.29 unserialize user input provided via... High Unreviewed

CVE-2022-4043 was published Jan 10, 2023

In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due... Low Unreviewed

CVE-2020-0132 was published May 24, 2022

Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme <= 26.5.1.4 on WordPress. High Unreviewed

CVE-2022-45077 was published Nov 18, 2022

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote... High Unreviewed

CVE-2020-12133 was published May 24, 2022

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted... Moderate Unreviewed

CVE-2020-4271 was published May 24, 2022

Previous 1…75…81 Next

Previous 1 2 … 73 74 75 76 77 … 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,006 advisories