GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
413 advisories

Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
High, Unreviewed. CVE-2017-18375 was published May 24, 2022.

e107 2.1.2 allows PHP Object Injection with resultant SQL injection, because usersettings.php...
High, Unreviewed. CVE-2016-10753 was published May 24, 2022.

A vulnerability has been identified in LOGO! Soft Comfort (All versions). The vulnerability could...
High, Unreviewed. CVE-2019-10924 was published May 24, 2022.

Connected Components Workbench (v13.00.00 and prior), ISaGRAF Workbench (v6.0 through v6.6.9), and...
High, Unreviewed. CVE-2022-1118 was published May 18, 2022.

The JMX servlet in Red Hat JBoss Enterprise Application Platform (EAP) 4 and 5 allows remote...
High, Unreviewed. CVE-2016-7065 was published May 17, 2022.

Deserialization vulnerability in lintian through 2.5.50.3 allows attackers to trigger code...
High, Unreviewed. CVE-2017-8829 was published May 17, 2022.

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary...
High, Unreviewed. CVE-2012-0911 was published May 17, 2022.

The Cubecart::_basket method in classes/cubecart.class.php in CubeCart 5.0.0 through 5.2.0 allows...
High, Unreviewed. CVE-2013-1465 was published May 17, 2022.

The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows...
High, Unreviewed. CVE-2015-5164 was published May 17, 2022.

JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of...
High, Unreviewed. CVE-2022-0573 was published May 17, 2022.

The RMI service in HP Network Automation Software 9.1x, 9.2x, 10.0x before 10.00.02.01, and 10.1x...
High, Unreviewed. CVE-2016-4385 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8966 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8963 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8964 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8967 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8965 was published May 14, 2022.

A Deserialization of Untrusted Data vulnerability in Hewlett Packard Enterprise Intelligent...
High, Unreviewed. CVE-2017-8962 was published May 14, 2022.

NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval...
High, Unreviewed. CVE-2018-1000048 was published May 14, 2022.

NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing...
High, Unreviewed. CVE-2018-1000047 was published May 14, 2022.

NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather...
High, Unreviewed. CVE-2018-1000045 was published May 14, 2022.

NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library...
High, Unreviewed. CVE-2018-1000046 was published May 14, 2022.

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the...
High, Unreviewed. CVE-2017-2295 was published May 14, 2022.

The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+,...
High, Unreviewed. CVE-2018-7891 was published May 14, 2022.

There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8...
High, Unreviewed. CVE-2018-10654 was published May 14, 2022.

IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,...
High, Unreviewed. CVE-2017-1677 was published May 14, 2022.