GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
482 advisories
Filter by severity
Untrusted search path vulnerability in Self-Extracting Archives created by UNLHA32.DLL prior to...
High
Unreviewed
CVE-2018-16189
was published
May 14, 2022
Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32...
High
Unreviewed
CVE-2018-16190
was published
May 14, 2022
Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a...
High
Unreviewed
CVE-2019-5921
was published
May 14, 2022
Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to...
High
Unreviewed
CVE-2019-5922
was published
May 14, 2022
A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer...
High
Unreviewed
CVE-2019-0809
was published
May 14, 2022
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '...
Critical
Unreviewed
CVE-2018-19486
was published
May 14, 2022
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where...
Moderate
Unreviewed
CVE-2019-8453
was published
May 14, 2022
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2,...
High
Unreviewed
CVE-2015-0096
was published
May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,...
High
Unreviewed
CVE-2016-0016
was published
May 14, 2022
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and...
High
Unreviewed
CVE-2016-0018
was published
May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,...
High
Unreviewed
CVE-2016-0014
was published
May 14, 2022
BestXsoftware Best Free Keylogger before 6.0.0 allows local users to gain privileges via a Trojan...
High
Unreviewed
CVE-2018-18519
was published
May 14, 2022
Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker...
High
Unreviewed
CVE-2018-18913
was published
May 13, 2022
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before...
High
Unreviewed
CVE-2017-7642
was published
May 13, 2022
A vulnerability in the build procedure for certain executable system files installed at boot time...
High
Unreviewed
CVE-2017-6768
was published
May 13, 2022
Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with...
High
Unreviewed
CVE-2017-2149
was published
May 13, 2022
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 ...
High
Unreviewed
CVE-2017-2209
was published
May 13, 2022
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before...
High
Unreviewed
CVE-2017-15566
was published
May 13, 2022
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive...
High
Unreviewed
CVE-2017-11158
was published
May 13, 2022
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader...
High
Unreviewed
CVE-2017-11159
was published
May 13, 2022
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local...
High
Unreviewed
CVE-2017-12252
was published
May 13, 2022
The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking.
High
Unreviewed
CVE-2018-12449
was published
May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could...
High
Unreviewed
CVE-2018-1458
was published
May 13, 2022
IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a...
High
Unreviewed
CVE-2018-1435
was published
May 13, 2022
IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by...
High
Unreviewed
CVE-2018-1437
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API