Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

481 advisories

Loading
Substance3D - Painter versions 10.1.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-49515 was published Nov 12, 2024
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2... High Unreviewed
CVE-2024-36507 was published Nov 12, 2024
Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49043 was published Nov 12, 2024
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed
CVE-2024-7995 was published Nov 5, 2024
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This... High Unreviewed
CVE-2024-6080 was published Jun 18, 2024
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This... High Unreviewed
CVE-2024-9325 was published Sep 29, 2024
Poetry before v1.1.9 contains Untrusted Search Path Critical
CVE-2022-26184 was published for poetry (pip) Mar 23, 2022
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality... Moderate Unreviewed
CVE-2023-32266 was published Oct 16, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-47422 was published Oct 9, 2024
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43576 was published Oct 8, 2024
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43616 was published Oct 8, 2024
A potential security vulnerability has been identified in the HP One Agent for certain HP PC... High Unreviewed
CVE-2024-8733 was published Oct 2, 2024
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in... High Unreviewed
CVE-2024-6769 was published Sep 26, 2024
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
GitPython untrusted search path on Windows systems leading to arbitrary code execution High
CVE-2023-40590 was published for gitpython (pip) Aug 29, 2023
stsewd MicaelJarniac
Improper access control in Zoom Rooms before version 5.15.0 may allow an authenticated user to... High Unreviewed
CVE-2023-36538 was published Jul 11, 2023
Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an... High Unreviewed
CVE-2023-34119 was published Jul 11, 2023
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.... High Unreviewed
CVE-2024-5622 was published Aug 29, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below... High Unreviewed
CVE-2024-44103 was published Sep 10, 2024
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client... Moderate Unreviewed
CVE-2024-45281 was published Sep 10, 2024
Ansible Improper Input Validation vulnerability High
CVE-2018-10874 was published for ansible (pip) May 13, 2022
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an... High Unreviewed
CVE-2024-6473 was published Sep 3, 2024
Ansible Arbitrary Code Execution High
CVE-2018-10875 was published for ansible (pip) May 13, 2022
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail... Critical Unreviewed
CVE-2024-38462 was published Jun 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database