Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

486 advisories

Loading
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion Moderate
CVE-2024-53866 was published for pnpm (npm) Dec 10, 2024
ChALkeR
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded... High Unreviewed
CVE-2024-11454 was published Dec 9, 2024
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes... High Unreviewed
CVE-2024-45207 was published Dec 4, 2024
An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2024-50986 was published Nov 15, 2024
sccache vulnerable to privilege escalation if server is run as root High
CVE-2023-1521 was published for sccache (Rust) May 30, 2023
kevinbackhouse
Substance3D - Painter versions 10.1.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-49515 was published Nov 12, 2024
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2... High Unreviewed
CVE-2024-36507 was published Nov 12, 2024
Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49043 was published Nov 12, 2024
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed
CVE-2024-7995 was published Nov 5, 2024
A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This... High Unreviewed
CVE-2024-6080 was published Jun 18, 2024
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This... High Unreviewed
CVE-2024-9325 was published Sep 29, 2024
Poetry before v1.1.9 contains Untrusted Search Path Critical
CVE-2022-26184 was published for poetry (pip) Mar 23, 2022
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality... Moderate Unreviewed
CVE-2023-32266 was published Oct 16, 2024
Adobe Framemaker versions 2020.6, 2022.4 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-47422 was published Oct 9, 2024
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43576 was published Oct 8, 2024
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43616 was published Oct 8, 2024
A potential security vulnerability has been identified in the HP One Agent for certain HP PC... High Unreviewed
CVE-2024-8733 was published Oct 2, 2024
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in... High Unreviewed
CVE-2024-6769 was published Sep 26, 2024
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
GitPython untrusted search path on Windows systems leading to arbitrary code execution High
CVE-2023-40590 was published for gitpython (pip) Aug 29, 2023
stsewd MicaelJarniac
Improper access control in Zoom Rooms before version 5.15.0 may allow an authenticated user to... High Unreviewed
CVE-2023-36538 was published Jul 11, 2023
Insecure temporary file in the installer for Zoom Rooms before version 5.15.0 may allow an... High Unreviewed
CVE-2023-34119 was published Jul 11, 2023
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.... High Unreviewed
CVE-2024-5622 was published Aug 29, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below... High Unreviewed
CVE-2024-44103 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database