Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

515 advisories

Loading
DLL Injection in kerberos High
CVE-2020-13110 was published for kerberos (npm) Sep 4, 2020
jhutchings1
Insecure path handling in Bundler High
CVE-2019-3881 was published for bundler (RubyGems) May 10, 2021
Local Privilege Escalation in cloudflared High
CVE-2020-24356 was published for github.com/cloudflare/cloudflared (Go) May 24, 2021
AgentBTZ uhthomas
Uncontrolled Search Path Element in sharkdp/bat High
CVE-2021-36753 was published for bat (Rust) Aug 25, 2021
Relative Path Traversal in git-delta High
CVE-2021-36376 was published for git-delta (Rust) Aug 25, 2021
Antilles Dependency Confusion Vulnerability High
CVE-2021-3840 was published for antilles-tools (pip) Nov 3, 2021
DLL hijacking could lead to local privilege escalation. The following products are affected:... High Unreviewed
CVE-2021-44198 was published Nov 30, 2021
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x... High Unreviewed
CVE-2021-32592 was published Dec 2, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows... High Unreviewed
CVE-2021-43037 was published Dec 7, 2021
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search... High Unreviewed
CVE-2021-20047 was published Dec 9, 2021
Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to... High Unreviewed
CVE-2021-4007 was published Dec 15, 2021
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL... High Unreviewed
CVE-2021-40161 was published Dec 24, 2021
Users have access to the directory where the installation repair occurs. Since the MS Installer... High Unreviewed
CVE-2021-30360 was published Jan 11, 2022
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a... High Unreviewed
CVE-2022-0129 was published Jan 12, 2022
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent... High Unreviewed
CVE-2022-0015 was published Jan 13, 2022
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege... High Unreviewed
CVE-2021-44463 was published Jan 29, 2022
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service.... High Unreviewed
CVE-2021-44206 was published Feb 10, 2022
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2021-44205 was published Feb 10, 2022
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged... High Unreviewed
CVE-2020-12891 was published Feb 10, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an... High Unreviewed
CVE-2021-33101 was published Feb 11, 2022
The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91... High Unreviewed
CVE-2022-23853 was published Feb 12, 2022
AXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation... High Unreviewed
CVE-2022-23410 was published Feb 15, 2022
Affected versions of Atlassian Confluence Server and Data Center allow authenticated local... High Unreviewed
CVE-2021-43940 was published Feb 16, 2022
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search... High Unreviewed
CVE-2022-23202 was published Feb 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database