GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,892
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,041
Maven 5,224
npm 3,733
NuGet 662
pip 3,414
Pub 12
RubyGems 891
Rust 866
Swift 36

Unreviewed advisories

All unreviewed 238,129

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

398 advisories

Filter by severity

Sort by

Least recently updated

CrushFTP 8.x before 8.2.0 has a serialization vulnerability. Critical Unreviewed

CVE-2017-14035 was published May 17, 2022

Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load,... Critical Unreviewed

CVE-2017-2292 was published May 17, 2022

All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A,... Critical Unreviewed

CVE-2017-10932 was published May 17, 2022

The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference... Critical Unreviewed

CVE-2017-12796 was published May 17, 2022

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code... Critical Unreviewed

CVE-2022-30779 was published May 17, 2022

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code... Critical Unreviewed

CVE-2022-30778 was published May 17, 2022

In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads... Critical Unreviewed

CVE-2017-17672 was published May 14, 2022

ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain... Critical Unreviewed

CVE-2016-7124 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3... Critical Unreviewed

CVE-2017-5792 was published May 14, 2022

VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3)... Critical Unreviewed

CVE-2017-4947 was published May 14, 2022

A remote code execution vulnerability in HPE Operations Orchestration Community edition and... Critical Unreviewed

CVE-2016-8519 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12556 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12558 was published May 14, 2022

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center ... Critical Unreviewed

CVE-2017-5790 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java... Critical Unreviewed

CVE-2016-8511 was published May 14, 2022

The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by... Critical Unreviewed

CVE-2015-2020 was published May 14, 2022

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was... Critical Unreviewed

CVE-2017-12149 was published May 14, 2022

An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function... Critical Unreviewed

CVE-2016-6620 was published May 14, 2022

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in... Critical Unreviewed

CVE-2017-10934 was published May 14, 2022

PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via... Critical Unreviewed

CVE-2014-8731 was published May 14, 2022

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote... Critical Unreviewed

CVE-2016-0779 was published May 14, 2022

SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly... Critical Unreviewed

CVE-2017-9844 was published May 14, 2022

MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that... Critical Unreviewed

CVE-2018-1000824 was published May 14, 2022

Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter... Critical Unreviewed

CVE-2018-1000827 was published May 14, 2022

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter... Critical Unreviewed

CVE-2018-1000833 was published May 14, 2022

Previous 1 2 … 11 12 13 14 15 16 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

398 advisories