Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

481 advisories

Loading
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-30100 was published Jun 11, 2024
A local low privileged attacker can use an untrusted search path in... High Unreviewed
CVE-2024-28133 was published May 14, 2024
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-20693 was published Apr 9, 2024
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-20754 was published Mar 18, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26198 was published Mar 12, 2024
Windows OLE Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21435 was published Mar 12, 2024
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated... Moderate Unreviewed
CVE-2024-25103 was published Mar 6, 2024
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only) High
CVE-2024-27303 was published for app-builder-lib (npm) Mar 4, 2024
bruno-1337
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to... High Unreviewed
CVE-2024-24697 was published Feb 14, 2024
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
GHSA-8v28-3g86-chj5 was published for PanelSwWix4.Sdk (NuGet) Feb 8, 2024
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
GHSA-259p-rvjx-ffwg was published for PanelSW.Custom.WiX (NuGet) Feb 8, 2024
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
CVE-2024-24810 was published for wix (NuGet) Feb 8, 2024
ppv-milestone robmen
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a... High Unreviewed
CVE-2024-23304 was published Feb 6, 2024
Yarn untrusted search path vulnerability High
CVE-2021-4435 was published for yarn (npm) Feb 4, 2024
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21325 was published Jan 9, 2024
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation... High Unreviewed
CVE-2023-48670 was published Dec 22, 2023
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for... High Unreviewed
CVE-2023-43586 was published Dec 14, 2023
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This... Moderate Unreviewed
CVE-2023-6061 was published Dec 8, 2023
Apache Hadoop allows local user to gain root privileges High
CVE-2023-26031 was published for org.apache.hadoop:hadoop-yarn-project (Maven) Nov 16, 2023
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged... Low Unreviewed
CVE-2023-39202 was published Nov 15, 2023
A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to... High Unreviewed
CVE-2023-41840 was published Nov 14, 2023
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the... High Unreviewed
CVE-2021-26738 was published Oct 23, 2023
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to... Moderate Unreviewed
CVE-2023-39201 was published Sep 12, 2023
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. High Unreviewed
CVE-2023-4736 was published Sep 2, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database