GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
398 advisories
Filter by severity
An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44681
was published
Dec 7, 2021
An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44682
was published
Dec 7, 2021
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44677
was published
Dec 7, 2021
An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44678
was published
Dec 7, 2021
An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44679
was published
Dec 7, 2021
An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical
Unreviewed
CVE-2021-44680
was published
Dec 7, 2021
Laravel v5.1 was discovered to contain a deserialization vulnerability via the component \Mockery...
Critical
Unreviewed
CVE-2021-37298
was published
Dec 7, 2021
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using...
Critical
Unreviewed
CVE-2021-42127
was published
Dec 8, 2021
The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize...
Critical
Unreviewed
CVE-2021-24857
was published
Dec 14, 2021
Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could...
Critical
Unreviewed
CVE-2021-36336
was published
Dec 22, 2021
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows...
Critical
Unreviewed
CVE-2021-44029
was published
Dec 23, 2021
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote...
Critical
Unreviewed
CVE-2021-45899
was published
Jan 29, 2022
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting...
Critical
Unreviewed
CVE-2021-27460
was published
Mar 24, 2022
A deserialization vulnerability exists in how the AosService.rem service in Rockwell Automation...
Critical
Unreviewed
CVE-2021-27462
was published
Mar 24, 2022
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell...
Critical
Unreviewed
CVE-2021-27466
was published
Mar 24, 2022
A deserialization vulnerability exists in how the LogService.rem service in Rockwell Automation...
Critical
Unreviewed
CVE-2021-27470
was published
Mar 24, 2022
Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this...
Critical
Unreviewed
CVE-2020-19229
was published
Apr 6, 2022
The HTTP client in MashZone NextGen through 10.7 GA deserializes untrusted data when it gets an...
Critical
Unreviewed
CVE-2021-33207
was published
Apr 6, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
Critical
Unreviewed
CVE-2022-23450
was published
Apr 13, 2022
pearweb < 1.32 suffers from Deserialization of Untrusted Data.
Critical
Unreviewed
CVE-2022-27158
was published
Apr 16, 2022
Vulnerability in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces)...
Critical
Unreviewed
CVE-2022-21445
was published
Apr 20, 2022
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later...
Critical
Unreviewed
CVE-2022-26133
was published
Apr 21, 2022
An issue was discovered in MISP before 2.4.158. PHAR deserialization can occur.
Critical
Unreviewed
CVE-2022-29528
was published
Apr 22, 2022
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a...
Critical
Unreviewed
CVE-2020-23620
was published
May 4, 2022
The Java Remote Management Interface of all versions of SVI MS Management System was discovered...
Critical
Unreviewed
CVE-2020-23621
was published
May 4, 2022
ProTip!
Advisories are also available from the
GraphQL API