GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,264
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,056
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,377 advisories
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This...
High
Unreviewed
CVE-2023-6580 was published Dec 8, 2023
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands...
Critical
Unreviewed
CVE-2023-48886 was published Dec 2, 2023
In Delta Electronics InfraSuite Device Master v.1.0.7, a vulnerability exists that allows an...
Critical
Unreviewed
CVE-2023-47207 was published Dec 1, 2023
An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows...
High
Unreviewed
CVE-2023-48952 was published Nov 29, 2023
Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute...
Critical
Unreviewed
CVE-2023-46990 was published Nov 20, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44353 was published Nov 17, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44351 was published Nov 17, 2023
Adobe ColdFusion versions 2023.5 (and earlier) and 2021.11 (and earlier) are affected by an...
Critical
Unreviewed
CVE-2023-44350 was published Nov 17, 2023
An issue was discovered in phpFox before 4.8.14. The url request parameter passed to the /core...
Critical
Unreviewed
CVE-2023-46817 was published Nov 3, 2023
Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22...
High
Unreviewed
CVE-2023-1714 was published Nov 1, 2023
Thorn SFTP gateway 3.4.x before 3.4.4 uses Pivotal Spring Framework for Java deserialization of...
Critical
Unreviewed
CVE-2023-47174 was published Oct 31, 2023
The WP Simple Galleries plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2023-5583 was published Oct 30, 2023
In appendEscapedSQLString of DatabaseUtils.java, there is a possible SQL injection due to unsafe...
Moderate
Unreviewed
CVE-2023-40121 was published Oct 27, 2023
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical
Unreviewed
CVE-2023-43208 was published Oct 26, 2023
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
High
Unreviewed
CVE-2023-4386 was published Oct 20, 2023
The Jetpack CRM plugin for WordPress is vulnerable to PHAR deserialization via the ‘zbscrmcsvimpf...
High
Unreviewed
CVE-2022-3342 was published Oct 20, 2023
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
Critical
Unreviewed
CVE-2023-4402 was published Oct 20, 2023
Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing...
Critical
Unreviewed
CVE-2023-39680 was published Oct 20, 2023
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-34052 was published Oct 20, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35186 was published Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35184 was published Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35182 was published Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-35180 was published Oct 19, 2023
In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9, allowed list patterns for...
Moderate
Unreviewed
CVE-2023-34050 was published Oct 19, 2023
Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti...
Critical
Unreviewed
CVE-2023-35084 was published Oct 18, 2023
ProTip! Advisories are also available from the GraphQL API