GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,005 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior... High Unreviewed

CVE-2022-33315 was published Jul 21, 2022

Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior... High Unreviewed

CVE-2022-33316 was published Jul 21, 2022

ObjectSocketWrapper.java in Gradle 2.12 allows remote attackers to execute arbitrary code via a... Critical Unreviewed

CVE-2016-6199 was published May 17, 2022

The JIRA Workflow Designer Plugin in Atlassian JIRA Server before 6.3.0 improperly uses an XML... Critical Unreviewed

CVE-2017-5983 was published May 17, 2022

This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability... High Unreviewed

CVE-2022-1984 was published Jul 20, 2022

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation... Critical Unreviewed

CVE-2022-35223 was published Aug 3, 2022

A deserialization vulnerability in a .NET framework class used and not properly checked by Safety... High Unreviewed

CVE-2022-27580 was published Jul 20, 2022

A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi... High Unreviewed

CVE-2022-27579 was published Jul 20, 2022

An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local... High Unreviewed

CVE-2021-36665 was published Jul 13, 2022

An issue was discovered in Gentics CMS before 5.43.1. By uploading a malicious ZIP file, an... High Unreviewed

CVE-2022-30981 was published Jul 18, 2022

Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior... High Unreviewed

CVE-2022-33320 was published Jul 21, 2022

melisplatform/melis-cms vulnerable to deserialization of untrusted data High

CVE-2022-39297 was published for melisplatform/melis-cms (Composer) Oct 11, 2022

melisplatform/melis-front vulnerable to deserialization of untrusted data High

CVE-2022-39298 was published for melisplatform/melis-front (Composer) Oct 11, 2022

QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. Critical Unreviewed

CVE-2021-41419 was published Jul 19, 2022

The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary... Critical Unreviewed

CVE-2016-3690 was published May 17, 2022

SerializableProvider in RESTEasy in Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux... Critical Unreviewed

CVE-2016-7050 was published May 17, 2022

IdeaBlade Breeze Breeze.Server.NET before 1.6.5 allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2017-9424 was published May 17, 2022

kvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because... Critical Unreviewed

CVE-2022-35857 was published Jul 14, 2022

Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code... High Unreviewed

CVE-2017-8829 was published May 17, 2022

Remote Code Execution is possible in Code42 CrashPlan 5.4.x via the org.apache.commons.ssl.rmi... Critical Unreviewed

CVE-2017-9830 was published May 17, 2022

IBM Websphere MQ JMS 7.0.1, 7.1, 7.5, 8.0, and 9.0 client provides classes that deserialize... Critical Unreviewed

CVE-2016-0360 was published May 17, 2022

Apache Camel Netty enables Java deserialization by default Critical

CVE-2020-11973 was published for org.apache.camel:camel-netty (Maven) May 21, 2020

Deserialization of Untrusted Data in topthink/framework Critical

CVE-2022-33107 was published for topthink/framework (Composer) Jun 30, 2022

A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an... High Unreviewed

CVE-2022-2886 was published Aug 20, 2022

SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the... Low Unreviewed

CVE-2022-29615 was published Jun 15, 2022

Previous 1…77…81 Next

Previous 1 2 … 75 76 77 78 79 80 81 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,005 advisories