Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,007 advisories

Loading
There is a deserialization vulnerability in Huawei AnyOffice V200R006C10. An attacker can... High Unreviewed
CVE-2021-22439 was published May 24, 2022
Veeam Backup and Replication 10 before 10.0.1.4854 P20210609 and 11 before 11.0.0.837 P20210507... Critical Unreviewed
CVE-2021-35971 was published May 24, 2022
The joomsport_md_load AJAX action of the JoomSport WordPress plugin before 5.1.8, registered for... Critical Unreviewed
CVE-2021-24384 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager... High Unreviewed
CVE-2021-29150 was published May 24, 2022
Deserialization of Untrusted Data in Apache Brooklyn High
CVE-2016-8744 was published for org.apache.brooklyn:brooklyn (Maven) May 17, 2022
Apache NiFi JMS Deserialization issue High
CVE-2018-1310 was published for org.apache.nifi:nifi (Maven) May 14, 2022
A CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause code execution... High Unreviewed
CVE-2021-22777 was published May 24, 2022
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all... Moderate Unreviewed
CVE-2022-33947 was published Aug 5, 2022
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the... High Unreviewed
CVE-2021-36766 was published May 24, 2022
Deserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary... Critical Unreviewed
CVE-2021-38241 was published Dec 17, 2022
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java... Moderate Unreviewed
CVE-2020-2604 was published May 24, 2022
Deserialization of Untrusted Data in org.jboss.resteasy:resteasy-yaml-provider High
CVE-2018-1051 was published for org.jboss.resteasy:resteasy-yaml-provider (Maven) May 13, 2022
IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the... Critical Unreviewed
CVE-2021-29781 was published May 24, 2022
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods... High Unreviewed
CVE-2021-21865 was published May 24, 2022
Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7... Critical Unreviewed
CVE-2020-5341 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation... High Unreviewed
CVE-2021-21866 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager... High Unreviewed
CVE-2021-21864 was published May 24, 2022
DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure... Critical Unreviewed
CVE-2021-36483 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile()... High Unreviewed
CVE-2021-21863 was published May 24, 2022
In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. Critical Unreviewed
CVE-2021-37544 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2022-28684 was published Aug 4, 2022
The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). High Unreviewed
CVE-2021-38585 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin Project... High Unreviewed
CVE-2021-21868 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream... High Unreviewed
CVE-2021-21867 was published May 24, 2022
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment... High Unreviewed
CVE-2022-36119 was published Aug 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database