GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
90 advisories
In the keystore library, there is a possible prevention of access to system Settings due to...
Moderate | Unreviewed | CVE-2022-20195 was published Jun 16, 2022
The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3...
Moderate | Unreviewed | CVE-2019-18631 was published May 24, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted...
Moderate | Unreviewed | CVE-2020-4271 was published May 24, 2022
Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by...
Moderate | Unreviewed | CVE-2020-10289 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and...
Moderate | Unreviewed | CVE-2021-1413 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and...
Moderate | Unreviewed | CVE-2021-1414 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary...
Moderate | Unreviewed | CVE-2021-3035 was published May 24, 2022
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though...
Moderate | Unreviewed | CVE-2021-34393 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and...
Moderate | Unreviewed | CVE-2021-1415 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary...
Moderate | Unreviewed | CVE-2021-3040 was published May 24, 2022
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with...
Moderate | Unreviewed | CVE-2021-34394 was published May 24, 2022
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all...
Moderate | Unreviewed | CVE-2022-33947 was published Aug 5, 2022
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java...
Moderate | Unreviewed | CVE-2020-2604 was published May 24, 2022
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with...
Moderate | Unreviewed | CVE-2021-21488 was published May 24, 2022
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context...
Moderate | Unreviewed | CVE-2007-1701 was published May 1, 2022
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2016-10304 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2018-15425 was published May 13, 2022
Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15...
Moderate | Unreviewed | CVE-2022-3291 was published Oct 17, 2022
Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX...
Moderate | Unreviewed | CVE-2016-9585 was published May 13, 2022
It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the...
Moderate | Unreviewed | CVE-2016-8653 was published May 13, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:...
Moderate | Unreviewed | CVE-2020-2756 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:...
Moderate | Unreviewed | CVE-2020-2757 was published May 24, 2022
The affected product is vulnerable to the handling of serialized data. The issue results from the...
Moderate | Unreviewed | CVE-2020-12000 was published May 24, 2022
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected...
Moderate | Unreviewed | CVE-2023-5016 was published Sep 17, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic....
Moderate | Unreviewed | CVE-2023-3234 was published Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API.