GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,828
Composer 4,768
Erlang 35
GitHub Actions 29
Go 2,332
Maven 5,625
npm 3,965
NuGet 713
pip 3,748
Pub 12
RubyGems 921
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 258,992

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,770 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a... High Unreviewed

CVE-2021-20076 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... Critical Unreviewed

CVE-2020-10658 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains... High Unreviewed

CVE-2020-10657 was published May 24, 2022

AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database... High Unreviewed

CVE-2021-29654 was published May 24, 2022

Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can... Critical Unreviewed

CVE-2021-29200 was published May 24, 2022

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed

CVE-2021-25152 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1414 was published May 24, 2022

Deserialization of untrusted data in the login page of ASSUWEB 359.3 build 1 subcomponent of ACA... Critical Unreviewed

CVE-2021-3160 was published May 24, 2022

Re-Logic Terraria before 1.4.2.3 performs Insecure Deserialization. Critical Unreviewed

CVE-2021-32075 was published May 24, 2022

Dell SRM versions prior to 4.5.0.1 and Dell SMR versions prior to 4.5.0.1 contain an Untrusted... Critical Unreviewed

CVE-2021-21524 was published May 24, 2022

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ (Microsoft Message... Critical Unreviewed

CVE-2021-25274 was published May 24, 2022

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed

CVE-2021-3035 was published May 24, 2022

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management... High Unreviewed

CVE-2021-25151 was published May 24, 2022

A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to... Critical Unreviewed

CVE-2020-9493 was published May 24, 2022

Artica Pandora FMS 742 allows unauthenticated attackers to perform Phar deserialization. Critical Unreviewed

CVE-2021-32098 was published May 24, 2022

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such... High Unreviewed

CVE-2021-24280 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... Critical Unreviewed

CVE-2021-31474 was published May 24, 2022

The food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2020-29045 was published May 24, 2022

The BDew BdLib library before 1.16.1.7 for Minecraft allows remote code execution because it... Critical Unreviewed

CVE-2021-33806 was published May 24, 2022

In Invoice Ninja before 4.4.0, there is an unsafe call to unserialize() in app/Ninja/Repositories... High Unreviewed

CVE-2021-33898 was published May 24, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed

CVE-2021-27240 was published May 24, 2022

Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though... Moderate Unreviewed

CVE-2021-34393 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed

CVE-2021-1415 was published May 24, 2022

The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user... High Unreviewed

CVE-2021-24217 was published May 24, 2022

Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a... Critical Unreviewed

CVE-2021-3287 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 … 70 71 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,770 advisories