Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

482 advisories

Loading
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
Anaconda Anaconda3 through 2021.11.0.0 and Miniconda3 through 11.0.0.0 can create a world... High Unreviewed
CVE-2022-26526 was published Mar 18, 2022
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to... High Unreviewed
CVE-2022-25348 was published Apr 1, 2022
Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to... High Unreviewed
CVE-2022-28128 was published Apr 1, 2022
Git LFS can execute a binary from the current directory on Windows Critical
CVE-2022-24826 was published for github.com/git-lfs/git-lfs (Go) Apr 22, 2022
yuske
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the... Critical Unreviewed
CVE-2011-4125 was published Apr 22, 2022
Untrusted search path vulnerability in the PySys_SetArgv API function in Python 2.6 and earlier,... Moderate Unreviewed
CVE-2008-5983 was published May 17, 2022
Untrusted search path vulnerability in the pthread_win32_process_attach_np function in pthreadGC2... Moderate Unreviewed
CVE-2010-5250 was published May 17, 2022
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on... High Unreviewed
CVE-2017-11742 was published May 17, 2022
When Octopus Server is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26556 was published May 24, 2022
Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan... High Unreviewed
CVE-2017-12480 was published May 17, 2022
VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse... High Unreviewed
CVE-2017-11748 was published May 17, 2022
Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used... Critical Unreviewed
CVE-2017-12414 was published May 17, 2022
Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver... High Unreviewed
CVE-2017-2272 was published May 17, 2022
Untrusted search path vulnerability in Encrypted files in self-decryption format created by... High Unreviewed
CVE-2017-2270 was published May 17, 2022
Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier allows an attacker to gain... High Unreviewed
CVE-2017-2279 was published May 17, 2022
Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 and earlier allows an... High Unreviewed
CVE-2017-2246 was published May 17, 2022
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the... Low Unreviewed
CVE-2017-1144 was published May 17, 2022
Adobe Shockwave versions 12.2.7.197 and earlier have an insecure library loading (DLL hijacking)... High Unreviewed
CVE-2017-2983 was published May 17, 2022
Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier,... High Unreviewed
CVE-2017-2227 was published May 17, 2022
Untrusted search path vulnerability in Self-extracting archive files created by Lhaz version 2.4... High Unreviewed
CVE-2017-2247 was published May 17, 2022
Untrusted search path vulnerability in Encrypted files in self-decryption format created by... High Unreviewed
CVE-2017-2268 was published May 17, 2022
Untrusted search path vulnerability in Installer of PDF Digital Signature Plugin (G2.30) and... High Unreviewed
CVE-2017-2233 was published May 17, 2022
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system... High Unreviewed
CVE-2017-2208 was published May 17, 2022
Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of... High Unreviewed
CVE-2017-2188 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database