Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

554 advisories

Loading
The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user... High Unreviewed
CVE-2021-24579 was published May 24, 2022
An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation... High Unreviewed
CVE-2021-21869 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin Project... High Unreviewed
CVE-2021-21868 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream... High Unreviewed
CVE-2021-21867 was published May 24, 2022
The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). High Unreviewed
CVE-2021-38585 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile()... High Unreviewed
CVE-2021-21863 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation... High Unreviewed
CVE-2021-21866 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager... High Unreviewed
CVE-2021-21864 was published May 24, 2022
A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods... High Unreviewed
CVE-2021-21865 was published May 24, 2022
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the... High Unreviewed
CVE-2021-36766 was published May 24, 2022
A CWE-502: Deserialization of Untrusted Data vulnerability exists that could cause code execution... High Unreviewed
CVE-2021-22777 was published May 24, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-34520 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager... High Unreviewed
CVE-2021-29150 was published May 24, 2022
There is a deserialization vulnerability in Huawei AnyOffice V200R006C10. An attacker can... High Unreviewed
CVE-2021-22439 was published May 24, 2022
** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a... High Unreviewed
CVE-2021-35196 was published May 24, 2022
In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories... High Unreviewed
CVE-2021-33898 was published May 24, 2022
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8... High Unreviewed
CVE-2021-23895 was published May 24, 2022
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such... High Unreviewed
CVE-2021-24280 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed
CVE-2021-25152 was published May 24, 2022
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed
CVE-2021-25151 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-27277 was published May 24, 2022
AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database... High Unreviewed
CVE-2021-29654 was published May 24, 2022
The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user... High Unreviewed
CVE-2021-24217 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-27240 was published May 24, 2022
Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed
CVE-2021-20076 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database