GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
370 advisories
Filter by severity
Deserialization vulnerability in the input module. Successful exploitation of this vulnerability...
High
Unreviewed
CVE-2023-39396
was published
Aug 13, 2023
Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31681
was published
Jul 31, 2023
Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2021-31680
was published
Jul 31, 2023
A vulnerability exists by allowing low-privileged users to read and update the data in various...
High
Unreviewed
CVE-2023-3324
was published
Jul 24, 2023
Controller DoS may occur due to buffer overflow when an error is generated in response to a...
High
Unreviewed
CVE-2023-25770
was published
Jul 13, 2023
The User Registration plugin for WordPress is vulnerable to PHP Object Injection in versions up...
High
Unreviewed
CVE-2023-3343
was published
Jul 13, 2023
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious...
High
Unreviewed
CVE-2023-20888
was published
Jul 6, 2023
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including...
High
Unreviewed
CVE-2022-4815
was published
Jul 6, 2023
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with...
High
Unreviewed
CVE-2023-1552
was published
Jul 6, 2023
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart...
High
Unreviewed
CVE-2023-31222
was published
Jun 29, 2023
In run of multiple files, there is a possible escalation of privilege due to unsafe...
High
Unreviewed
CVE-2023-21124
was published
Jun 15, 2023
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that...
High
Unreviewed
CVE-2023-3001
was published
Jun 14, 2023
An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed...
High
Unreviewed
CVE-2023-30262
was published
Jun 9, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote...
High
Unreviewed
CVE-2023-33284
was published
Jun 7, 2023
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before...
High
Unreviewed
CVE-2023-2288
was published
May 30, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP...
High
Unreviewed
CVE-2023-2500
was published
May 25, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2023-1549
was published
May 15, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-20878
was published
May 12, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High
Unreviewed
CVE-2023-30898
was published
May 9, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High
Unreviewed
CVE-2023-30899
was published
May 9, 2023
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via...
High
Unreviewed
CVE-2023-1347
was published
May 8, 2023
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5...
High
Unreviewed
CVE-2023-1196
was published
May 2, 2023
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2023-1669
was published
May 2, 2023
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could...
High
Unreviewed
CVE-2023-2141
was published
Apr 21, 2023
TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution...
High
Unreviewed
CVE-2019-16112
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API