GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
935 advisories
Sunnet eHRD e-mail delivery task schedule’s serialization function has inadequate input object...
High | Unreviewed | CVE-2021-43360 was published Dec 2, 2021

An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44681 was published Dec 7, 2021

An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44682 was published Dec 7, 2021

An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44677 was published Dec 7, 2021

An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44678 was published Dec 7, 2021

An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44679 was published Dec 7, 2021

An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the...
Critical | Unreviewed | CVE-2021-44680 was published Dec 7, 2021

Laravel v5.1 was discovered to contain a deserialization vulnerability via the component \Mockery...
Critical | Unreviewed | CVE-2021-37298 was published Dec 7, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows...
High | Unreviewed | CVE-2021-42130 was published Dec 8, 2021

A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using...
Critical | Unreviewed | CVE-2021-42127 was published Dec 8, 2021

The ToTop Link WordPress plugin through 1.7.1 passes base64 encoded user input to the unserialize...
Critical | Unreviewed | CVE-2021-24857 was published Dec 14, 2021

In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization...
High | Unreviewed | CVE-2021-0970 was published Dec 16, 2021

In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization...
High | Unreviewed | CVE-2021-0928 was published Dec 16, 2021

Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could...
Critical | Unreviewed | CVE-2021-36336 was published Dec 22, 2021

An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows...
Critical | Unreviewed | CVE-2021-44029 was published Dec 23, 2021

The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A...
High | Unreviewed | CVE-2021-20318 was published Dec 24, 2021

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote...
Critical | Unreviewed | CVE-2021-45899 was published Jan 29, 2022

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading...
High | Unreviewed | CVE-2021-42631 was published Feb 1, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability.
High | Unreviewed | CVE-2022-22005 was published Feb 10, 2022

In writeThrowable of AndroidFuture.java, there is a possible parcel serialization/deserialization...
High | Unreviewed | CVE-2021-39676 was published Feb 12, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C...
High | Unreviewed | CVE-2022-0138 was published Feb 19, 2022

A vulnerability has been identified in SINEC NMS (All versions). The affected system allows to...
High | Unreviewed | CVE-2022-24282 was published Mar 9, 2022

SuiteCRM through 7.12.1 and 8.x through 8.0.1 allows Remote Code Execution. Authenticated users...
High | Unreviewed | CVE-2022-23940 was published Mar 11, 2022

Deserialization of untrusted data in Veeam Agent for Windows 2.0, 2.1, 2.2, 3.0.2, 4.x, and 5.x...
High | Unreviewed | CVE-2022-26503 was published Mar 18, 2022

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects...
High | Unreviewed | CVE-2021-27475 was published Mar 24, 2022
ProTip! Advisories are also available from the GraphQL API.