Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,978
Erlang
29
GitHub Actions
16
Go
1,768
Maven
4,991
npm
3,537
NuGet
616
pip
3,107
Pub
10
RubyGems
837
Rust
786
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

370 advisories

Loading
Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to... High Unreviewed
CVE-2021-26558 was published May 24, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability High Unreviewed
CVE-2021-26857 was published May 24, 2022
app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator... High Unreviewed
CVE-2019-12868 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-34992 was published May 24, 2022
Project files are stored memory objects in the form of binary serialized data that can later be... High Unreviewed
CVE-2021-42698 was published May 24, 2022
The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure... High Unreviewed
CVE-2021-35227 was published May 24, 2022
Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection... High Unreviewed
CVE-2021-39321 was published May 24, 2022
Proofpoint Insider Threat Management Server contains an unsafe deserialization vulnerability in... High Unreviewed
CVE-2021-40843 was published May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected... High Unreviewed
CVE-2021-33728 was published May 24, 2022
In ParsedIntentInfo of ParsedIntentInfo.java, there is a possible parcel serialization... High Unreviewed
CVE-2021-0685 was published May 24, 2022
In Gradle Enterprise before 2021.1.3, a crafted request can trigger deserialization of arbitrary... High Unreviewed
CVE-2021-41588 was published May 24, 2022
ZStack is open source IaaS(infrastructure as a service) software. In ZStack before versions 3.10... High Unreviewed
CVE-2021-32836 was published May 24, 2022
Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in... High Unreviewed
CVE-2021-35217 was published May 24, 2022
mrdoc is vulnerable to Deserialization of Untrusted Data High Unreviewed
CVE-2021-32568 was published May 24, 2022
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code... High Unreviewed
CVE-2021-35218 was published May 24, 2022
Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform... High Unreviewed
CVE-2021-35215 was published May 24, 2022
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in... High Unreviewed
CVE-2021-35216 was published May 24, 2022
Deserialization of untrusted data in multiple functions in MIK.starlight 7.9.5.24363 allows... High Unreviewed
CVE-2021-36231 was published May 24, 2022
The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plugin before 3.1.6 passes user... High Unreviewed
CVE-2021-24579 was published May 24, 2022
An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation... High Unreviewed
CVE-2021-21869 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin Project... High Unreviewed
CVE-2021-21868 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream... High Unreviewed
CVE-2021-21867 was published May 24, 2022
The WHM Locale Upload feature in cPanel before 98.0.1 allows unserialization attacks (SEC-585). High Unreviewed
CVE-2021-38585 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile()... High Unreviewed
CVE-2021-21863 was published May 24, 2022
A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation... High Unreviewed
CVE-2021-21866 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API