Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

89 advisories

Loading
In the keystore library, there is a possible prevention of access to system Settings due to... Moderate Unreviewed
CVE-2022-20195 was published Jun 16, 2022
The Windows component of Centrify Authentication and Privilege Elevation Services 3.4.0, 3.4.1, 3... Moderate Unreviewed
CVE-2019-18631 was published May 24, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted... Moderate Unreviewed
CVE-2020-4271 was published May 24, 2022
Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by... Moderate Unreviewed
CVE-2020-10289 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1413 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1414 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed
CVE-2021-3035 was published May 24, 2022
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though... Moderate Unreviewed
CVE-2021-34393 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and... Moderate Unreviewed
CVE-2021-1415 was published May 24, 2022
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary... Moderate Unreviewed
CVE-2021-3040 was published May 24, 2022
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with... Moderate Unreviewed
CVE-2021-34394 was published May 24, 2022
In BIG-IP Versions 16.1.x before 16.1.3, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all... Moderate Unreviewed
CVE-2022-33947 was published Aug 5, 2022
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java... Moderate Unreviewed
CVE-2020-2604 was published May 24, 2022
Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with... Moderate Unreviewed
CVE-2021-21488 was published May 24, 2022
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context... Moderate Unreviewed
CVE-2007-1701 was published May 1, 2022
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to... Moderate Unreviewed
CVE-2016-10304 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2018-15425 was published May 13, 2022
Serialization of sensitive data in GitLab EE affecting all versions from 14.9 prior to 15.2.5, 15... Moderate Unreviewed
CVE-2022-3291 was published Oct 17, 2022
Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX... Moderate Unreviewed
CVE-2016-9585 was published May 13, 2022
It was found that the JMX endpoint of Red Hat JBoss Fuse 6, and Red Hat A-MQ 6 deserializes the... Moderate Unreviewed
CVE-2016-8653 was published May 13, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:... Moderate Unreviewed
CVE-2020-2757 was published May 24, 2022
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component:... Moderate Unreviewed
CVE-2020-2756 was published May 24, 2022
The affected product is vulnerable to the handling of serialized data. The issue results from the... Moderate Unreviewed
CVE-2020-12000 was published May 24, 2022
A vulnerability was found in spider-flow up to 0.5.0. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2023-5016 was published Sep 17, 2023
A vulnerability was found in Zhong Bang CRMEB up to 4.6.0. It has been declared as problematic.... Moderate Unreviewed
CVE-2023-3234 was published Jun 14, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database