GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,372 advisories
The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via...
High | Unreviewed | CVE-2022-2434 was published Sep 7, 2022
The Broken Link Checker plugin for WordPress is vulnerable to deserialization of untrusted input...
High | Unreviewed | CVE-2022-2438 was published Sep 7, 2022
The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via...
High | Unreviewed | CVE-2022-2436 was published Sep 7, 2022
The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to deserialization of...
High | Unreviewed | CVE-2022-2442 was published Sep 7, 2022
Deserialization of Untrusted Data vulnerability in the message processing component of...
Critical | Unreviewed | CVE-2022-2830 was published Sep 6, 2022
The Solr plugin of Apache OFBiz is configured by default to automatically make a RMI request on...
Critical | Unreviewed | CVE-2022-29063 was published Sep 3, 2022
Rockwell Automation ISaGRAF Workbench software versions 6.0 through 6.6.9 are affected by a...
High | Unreviewed | CVE-2022-2465 was published Aug 26, 2022
An issue was discovered in Blue Prism Enterprise 6.0 through 7.01. In a misconfigured environment...
High | Unreviewed | CVE-2022-36119 was published Aug 26, 2022
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift...
High | Unreviewed | CVE-2021-4125 was published Aug 25, 2022
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
High | Unreviewed | CVE-2022-33900 was published Aug 23, 2022
A vulnerability, which was classified as critical, was found in Laravel 5.1. Affected is an...
High | Unreviewed | CVE-2022-2886 was published Aug 20, 2022
A Java Deserialization vulnerability in the Fishbowl Server in Fishbowl Inventory before 2022.4.1...
Critical | Unreviewed | CVE-2022-29805 was published Aug 20, 2022
A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some...
Critical | Unreviewed | CVE-2022-2870 was published Aug 18, 2022
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all...
Moderate | Unreviewed | CVE-2022-33947 was published Aug 5, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-28684 was published Aug 4, 2022
EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation...
Critical | Unreviewed | CVE-2022-35223 was published Aug 3, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-35872 was published Jul 26, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2022-35870 was published Jul 26, 2022
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior...
High | Unreviewed | CVE-2022-33320 was published Jul 21, 2022
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior...
Critical | Unreviewed | CVE-2022-33318 was published Jul 21, 2022
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior...
High | Unreviewed | CVE-2022-33315 was published Jul 21, 2022
Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior...
High | Unreviewed | CVE-2022-33316 was published Jul 21, 2022
Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to...
Critical | Unreviewed | CVE-2022-35405 was published Jul 20, 2022
If an on-premise installation of the Pega Platform is configured with the port for the JMX...
Critical | Unreviewed | CVE-2022-24082 was published Jul 20, 2022
This issue affects: HYPR Windows WFA versions prior to 7.2; Unsafe Deserialization vulnerability...
High | Unreviewed | CVE-2022-1984 was published Jul 20, 2022
ProTip! Advisories are also available from the GraphQL API.