GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
370 advisories
Filter by severity
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated...
High
Unreviewed
CVE-2020-5741
was published
May 24, 2022
An attacker who has already compromised the local system could use TinyWall Controller to gain...
High
Unreviewed
CVE-2019-19470
was published
May 24, 2022
An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open...
High
Unreviewed
CVE-2019-19909
was published
May 24, 2022
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of service from unserialized data...
High
Unreviewed
CVE-2019-18601
was published
May 24, 2022
mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE...
High
Unreviewed
CVE-2019-17080
was published
May 24, 2022
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30,...
High
Unreviewed
CVE-2019-11666
was published
May 24, 2022
Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remote code execution via...
High
Unreviewed
CVE-2019-11080
was published
May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High
Unreviewed
CVE-2019-5350
was published
May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High
Unreviewed
CVE-2019-11956
was published
May 24, 2022
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC)...
High
Unreviewed
CVE-2019-11950
was published
May 24, 2022
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an...
High
Unreviewed
CVE-2019-9875
was published
May 24, 2022
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
High
Unreviewed
CVE-2017-18375
was published
May 24, 2022
e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php...
High
Unreviewed
CVE-2016-10753
was published
May 24, 2022
** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a...
High
Unreviewed
CVE-2021-35196
was published
May 24, 2022
compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates...
High
Unreviewed
CVE-2020-14933
was published
May 24, 2022
** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its...
High
Unreviewed
CVE-2018-18013
was published
May 14, 2022
Deserialization of Untrusted Data vulnerability in MainWP MainWP Links Manager Extension.This...
High
Unreviewed
CVE-2023-23649
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a...
High
Unreviewed
CVE-2024-30229
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Acowebs PDF Invoices and Packing Slips For...
High
Unreviewed
CVE-2024-30230
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects...
High
Unreviewed
CVE-2024-30222
was published
Mar 28, 2024
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation,...
High
Unreviewed
CVE-2024-24842
was published
Mar 27, 2024
Deserialization of Untrusted Data vulnerability in WPEverest User Registration.This issue affects...
High
Unreviewed
CVE-2023-27459
was published
Mar 26, 2024
Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social...
High
Unreviewed
CVE-2024-2721
was published
Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High
Unreviewed
CVE-2024-1856
was published
Mar 20, 2024
In Progress® Telerik® Reporting versions prior to 2024 Q1 (18.0.24.130), a code execution attack...
High
Unreviewed
CVE-2024-1801
was published
Mar 20, 2024
ProTip!
Advisories are also available from the
GraphQL API