GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
367 advisories
Filter by severity
Sollace Unicopia version 1.1.1 and before was discovered to deserialize untrusted data, allowing...
Critical
Unreviewed
CVE-2023-39680
was published
Oct 20, 2023
The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
Critical
Unreviewed
CVE-2023-4402
was published
Oct 20, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35184
was published
Oct 19, 2023
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-35182
was published
Oct 19, 2023
Unsafe Deserialization of User Input could lead to Execution of Unauthorized Operations in Ivanti...
Critical
Unreviewed
CVE-2023-35084
was published
Oct 18, 2023
Presto Changeo testsitecreator up to 1.1.1 was discovered to contain a deserialization...
Critical
Unreviewed
CVE-2023-43981
was published
Oct 5, 2023
A?CWE-502:?Deserialization of untrusted data?vulnerability exists?that could allow an attacker...
Critical
Unreviewed
CVE-2023-5391
was published
Oct 4, 2023
Deserialization of Untrusted Data in emlog pro v.2.1.15 and earlier allows a remote attacker to...
Critical
Unreviewed
CVE-2023-43291
was published
Sep 27, 2023
phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead...
Critical
Unreviewed
CVE-2023-40619
was published
Sep 20, 2023
Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier)...
Critical
Unreviewed
CVE-2023-38204
was published
Sep 14, 2023
An issue in Diebold Aglis XFS for Opteva v.4.1.61.1 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2020-19559
was published
Sep 11, 2023
Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which...
Critical
Unreviewed
CVE-2023-0925
was published
Sep 6, 2023
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to...
Critical
Unreviewed
CVE-2023-3259
was published
Aug 14, 2023
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute...
Critical
Unreviewed
CVE-2022-40609
was published
Aug 2, 2023
Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier)...
Critical
Unreviewed
CVE-2023-38203
was published
Jul 20, 2023
Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and...
Critical
Unreviewed
CVE-2023-29300
was published
Jul 12, 2023
?Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contains classes that...
Critical
Unreviewed
CVE-2023-34347
was published
Jul 10, 2023
N6854A Geolocation Server versions 2.4.2 are vulnerable to untrusted data deserialization, which...
Critical
Unreviewed
CVE-2023-1399
was published
Jul 6, 2023
A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an...
Critical
Unreviewed
CVE-2023-28323
was published
Jul 1, 2023
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8...
Critical
Unreviewed
CVE-2023-33299
was published
Jun 23, 2023
The Newsletter Manager plugin for WordPress is vulnerable to insecure deserialization in versions...
Critical
Unreviewed
CVE-2020-36727
was published
Jun 7, 2023
The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to...
Critical
Unreviewed
CVE-2020-36726
was published
Jun 7, 2023
The GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in...
Critical
Unreviewed
CVE-2020-36718
was published
Jun 7, 2023
Deserialization of Untrusted Data in Sitecore Experience Platform through 10.2 allows remote...
Critical
Unreviewed
CVE-2023-27068
was published
May 23, 2023
IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due...
Critical
Unreviewed
CVE-2023-32336
was published
May 22, 2023
ProTip!
Advisories are also available from the
GraphQL API