Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,781
NuGet
681
pip
3,460
Pub
12
RubyGems
893
Rust
890
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,523 advisories

Loading
Unsafe Deserialization in jackson-databind High
CVE-2020-36187 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36188 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36183 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36184 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36180 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36181 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36185 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36179 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-36182 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Unsafe Deserialization in jackson-databind High
CVE-2020-24750 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
westonsteimel
Serialization gadget exploit in jackson-databind High
CVE-2020-35728 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
Serialization gadgets exploit in jackson-databind High
CVE-2020-35491 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
mpihelgas
Serialization gadgets exploit in jackson-databind High
CVE-2020-35490 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
sunSUNQ
Code Injection in jackson-databind High
CVE-2020-24616 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42127 was published Dec 8, 2021
A deserialization of untrusted data vulnerability exists in Ivanti Avalanche before 6.3.3 allows... High Unreviewed
CVE-2021-42130 was published Dec 8, 2021
Remote Code Execution in AjaxNetProfessional Critical
GHSA-6r7c-6w96-8pvw was published for AjaxNetProfessional (NuGet) Dec 7, 2021
h0ng10 mwulftange
Laravel v5.1 was discovered to contain a deserialization vulnerability via the component \Mockery... Critical Unreviewed
CVE-2021-37298 was published Dec 7, 2021
Deserialization of Untrusted Data in topthink/framework Critical
CVE-2021-36567 was published for topthink/framework (Composer) Dec 7, 2021
jhutchings1
An issue (2 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44678 was published Dec 7, 2021
An issue (4 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44680 was published Dec 7, 2021
An issue (3 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44679 was published Dec 7, 2021
An issue (1 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44677 was published Dec 7, 2021
An issue (6 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44682 was published Dec 7, 2021
An issue (5 of 6) was discovered in Veritas Enterprise Vault through 14.1.2. On start-up, the... Critical Unreviewed
CVE-2021-44681 was published Dec 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database