GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
503 advisories
Filter by severity
DLL hijacking could lead to local privilege escalation. The following products are affected:...
High
Unreviewed
CVE-2021-44198
was published
Nov 30, 2021
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x...
High
Unreviewed
CVE-2021-32592
was published
Dec 2, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows...
High
Unreviewed
CVE-2021-43037
was published
Dec 7, 2021
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search...
High
Unreviewed
CVE-2021-20047
was published
Dec 9, 2021
Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to...
High
Unreviewed
CVE-2021-4007
was published
Dec 15, 2021
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL...
High
Unreviewed
CVE-2021-40161
was published
Dec 24, 2021
Users have access to the directory where the installation repair occurs. Since the MS Installer...
High
Unreviewed
CVE-2021-30360
was published
Jan 11, 2022
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a...
High
Unreviewed
CVE-2022-0129
was published
Jan 12, 2022
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent...
High
Unreviewed
CVE-2022-0015
was published
Jan 13, 2022
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege...
High
Unreviewed
CVE-2021-44463
was published
Jan 29, 2022
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service....
High
Unreviewed
CVE-2021-44206
was published
Feb 10, 2022
Local privilege escalation due to DLL hijacking vulnerability. The following products are...
High
Unreviewed
CVE-2021-44205
was published
Feb 10, 2022
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged...
High
Unreviewed
CVE-2020-12891
was published
Feb 10, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system...
High
Unreviewed
CVE-2022-22528
was published
Feb 11, 2022
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an...
High
Unreviewed
CVE-2021-33101
was published
Feb 11, 2022
The LSP (Language Server Protocol) plugin in KDE Kate before 21.12.2 and KTextEditor before 5.91...
High
Unreviewed
CVE-2022-23853
was published
Feb 12, 2022
AXIS IP Utility prior to 4.17.0 allows for remote code execution and local privilege escalation...
High
Unreviewed
CVE-2022-23410
was published
Feb 15, 2022
Affected versions of Atlassian Confluence Server and Data Center allow authenticated local...
High
Unreviewed
CVE-2021-43940
was published
Feb 16, 2022
Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affected by an Uncontrolled Search...
High
Unreviewed
CVE-2022-23202
was published
Feb 17, 2022
VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path...
High
Unreviewed
CVE-2022-22943
was published
Mar 4, 2022
Trend Micro Password Manager (Consumer) installer version 5.0.0.1262 and below is vulnerable to...
High
Unreviewed
CVE-2022-26337
was published
Mar 9, 2022
The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000...
High
Unreviewed
CVE-2022-23401
was published
Mar 12, 2022
WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current...
High
Unreviewed
CVE-2022-26511
was published
Mar 18, 2022
The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs),...
High
Unreviewed
CVE-2022-25969
was published
Mar 18, 2022
The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker...
High
Unreviewed
CVE-2022-26081
was published
Mar 18, 2022
ProTip!
Advisories are also available from the
GraphQL API