Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

482 advisories

Loading
An issue found in Wondershare Technology Co.,Ltd Edraw-max v.12.0.4 allows a remote attacker to... High Unreviewed
CVE-2023-27770 was published Apr 4, 2023
Creative Cloud version 5.9.1 (and earlier) is affected by an Untrusted Search Path vulnerability... High Unreviewed
CVE-2023-26358 was published Mar 22, 2023
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21... Moderate Unreviewed
CVE-2023-23920 was published Feb 23, 2023
Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1... High Unreviewed
CVE-2023-22368 was published Feb 15, 2023
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser... High Unreviewed
CVE-2022-35868 was published Feb 14, 2023
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls... High Unreviewed
CVE-2022-4883 was published Feb 7, 2023
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git... High Unreviewed
CVE-2022-38060 was published Dec 21, 2022
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to... High Unreviewed
CVE-2022-23748 was published Nov 18, 2022
A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers... High Unreviewed
CVE-2022-31253 was published Nov 9, 2022
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Container... High Unreviewed
CVE-2022-0074 was published Oct 28, 2022
A vulnerability was found in Redis. It has been declared as critical. This vulnerability affects... Critical Unreviewed
CVE-2022-3734 was published Oct 28, 2022
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3... High Unreviewed
CVE-2022-41796 was published Oct 24, 2022
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows High
CVE-2022-36070 was published for poetry (pip) Oct 11, 2022
paul-gerste-sonarsource
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20... High Unreviewed
CVE-2022-36403 was published Sep 9, 2022
Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026,... High Unreviewed
CVE-2022-22047 was published Jul 13, 2022
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability... Moderate Unreviewed
CVE-2021-21562 was published May 24, 2022
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and... High Unreviewed
CVE-2019-18996 was published May 24, 2022
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions)... Moderate Unreviewed
CVE-2019-5695 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel... Moderate Unreviewed
CVE-2019-5694 was published May 24, 2022
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream... Moderate Unreviewed
CVE-2019-5701 was published May 24, 2022
Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an... High Unreviewed
CVE-2019-7956 was published May 24, 2022
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10... High Unreviewed
CVE-2021-33063 was published May 24, 2022
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or... High Unreviewed
CVE-2020-12892 was published May 24, 2022
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26557 was published May 24, 2022
When Octopus Server is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26556 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database