GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
399 advisories
Filter by severity
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization...
Critical
Unreviewed
CVE-2017-4914
was published
May 17, 2022
CrushFTP 8.x before 8.2.0 has a serialization vulnerability.
Critical
Unreviewed
CVE-2017-14035
was published
May 17, 2022
Versions of MCollective prior to 2.10.4 deserialized YAML from agents without calling safe_load,...
Critical
Unreviewed
CVE-2017-2292
was published
May 17, 2022
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A,...
Critical
Unreviewed
CVE-2017-10932
was published
May 17, 2022
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference...
Critical
Unreviewed
CVE-2017-12796
was published
May 17, 2022
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code...
Critical
Unreviewed
CVE-2022-30778
was published
May 17, 2022
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code...
Critical
Unreviewed
CVE-2022-30779
was published
May 17, 2022
In vBulletin through 5.3.x, there is an unauthenticated deserialization vulnerability that leads...
Critical
Unreviewed
CVE-2017-17672
was published
May 14, 2022
ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain...
Critical
Unreviewed
CVE-2016-7124
was published
May 14, 2022
A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3...
Critical
Unreviewed
CVE-2017-5792
was published
May 14, 2022
VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3)...
Critical
Unreviewed
CVE-2017-4947
was published
May 14, 2022
A remote code execution vulnerability in HPE Operations Orchestration Community edition and...
Critical
Unreviewed
CVE-2016-8519
was published
May 14, 2022
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC...
Critical
Unreviewed
CVE-2017-12556
was published
May 14, 2022
A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC...
Critical
Unreviewed
CVE-2017-12558
was published
May 14, 2022
A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center ...
Critical
Unreviewed
CVE-2017-5790
was published
May 14, 2022
A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java...
Critical
Unreviewed
CVE-2016-8511
was published
May 14, 2022
The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by...
Critical
Unreviewed
CVE-2015-2020
was published
May 14, 2022
In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was...
Critical
Unreviewed
CVE-2017-12149
was published
May 14, 2022
An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function...
Critical
Unreviewed
CVE-2016-6620
was published
May 14, 2022
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in...
Critical
Unreviewed
CVE-2017-10934
was published
May 14, 2022
PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via...
Critical
Unreviewed
CVE-2014-8731
was published
May 14, 2022
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote...
Critical
Unreviewed
CVE-2016-0779
was published
May 14, 2022
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly...
Critical
Unreviewed
CVE-2017-9844
was published
May 14, 2022
MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that...
Critical
Unreviewed
CVE-2018-1000824
was published
May 14, 2022
Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter...
Critical
Unreviewed
CVE-2018-1000827
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API