GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
370 advisories
Filter by severity
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including...
High
Unreviewed
CVE-2022-4815
was published
Jul 6, 2023
ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with...
High
Unreviewed
CVE-2023-1552
was published
Jul 6, 2023
Deserialization of untrusted data in Microsoft Messaging Queuing Service in Medtronic's Paceart...
High
Unreviewed
CVE-2023-31222
was published
Jun 29, 2023
Attackers with access to the "documentconverterws" API were able to inject serialized Java...
High
Unreviewed
CVE-2023-26436
was published
Jun 20, 2023
In run of multiple files, there is a possible escalation of privilege due to unsafe...
High
Unreviewed
CVE-2023-21124
was published
Jun 15, 2023
A CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that...
High
Unreviewed
CVE-2023-3001
was published
Jun 14, 2023
An issue found in MIM software Inc MIM License Server and MIMpacs services v.6.9 thru v.7.0 fixed...
High
Unreviewed
CVE-2023-30262
was published
Jun 9, 2023
Marval MSM through 14.19.0.12476 and 15.0 has a Remote Code Execution vulnerability. A remote...
High
Unreviewed
CVE-2023-33284
was published
Jun 7, 2023
The Otter WordPress plugin before 2.2.6 does not sanitize some user-controlled file paths before...
High
Unreviewed
CVE-2023-2288
was published
May 30, 2023
The Go Pricing - WordPress Responsive Pricing Tables plugin for WordPress is vulnerable to PHP...
High
Unreviewed
CVE-2023-2500
was published
May 25, 2023
The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2023-1549
was published
May 15, 2023
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with...
High
Unreviewed
CVE-2023-20878
was published
May 12, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High
Unreviewed
CVE-2023-30898
was published
May 9, 2023
A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2...
High
Unreviewed
CVE-2023-30899
was published
May 9, 2023
The Customizer Export/Import WordPress plugin before 0.9.6 unserializes user input provided via...
High
Unreviewed
CVE-2023-1347
was published
May 8, 2023
The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings,...
High
Unreviewed
CVE-2023-1669
was published
May 2, 2023
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5...
High
Unreviewed
CVE-2023-1196
was published
May 2, 2023
An unsafe .NET object deserialization in DELMIA Apriso Release 2017 through Release 2022 could...
High
Unreviewed
CVE-2023-2141
was published
Apr 21, 2023
The WP Meta SEO WordPress plugin before 4.5.5 does not validate image file paths before...
High
Unreviewed
CVE-2023-1381
was published
Apr 10, 2023
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could...
High
Unreviewed
CVE-2023-20102
was published
Apr 5, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-2561
was published
Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-36971
was published
Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-28685
was published
Mar 29, 2023
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2022-37378
was published
Mar 29, 2023
The pgmng module has a vulnerability in serialization/deserialization. Successful exploitation of...
High
Unreviewed
CVE-2023-26548
was published
Mar 28, 2023
ProTip!
Advisories are also available from the
GraphQL API