Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

453 advisories

Untrusted search path vulnerability in ELECOM Camera Assistant 1.00 and QuickFileDealer Ver.1.2.1... High Unreviewed
CVE-2023-22368 was published Feb 15, 2023
A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser... High Unreviewed
CVE-2022-35868 was published Feb 14, 2023
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls... High Unreviewed
CVE-2022-4883 was published Feb 7, 2023
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git... High Unreviewed
CVE-2022-38060 was published Dec 21, 2022
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to... High Unreviewed
CVE-2022-23748 was published Nov 18, 2022
A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers... High Unreviewed
CVE-2022-31253 was published Nov 9, 2022
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Container... High Unreviewed
CVE-2022-0074 was published Oct 28, 2022
A vulnerability was found in Redis. It has been declared as critical. This vulnerability affects... Critical Unreviewed
CVE-2022-3734 was published Oct 28, 2022
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3... High Unreviewed
CVE-2022-41796 was published Oct 24, 2022
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows High
CVE-2022-36070 was published for poetry (pip) Oct 11, 2022
paul-gerste-sonarsource
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20... High Unreviewed
CVE-2022-36403 was published Sep 9, 2022
Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability... Moderate Unreviewed
CVE-2021-21562 was published May 24, 2022
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and... High Unreviewed
CVE-2019-18996 was published May 24, 2022
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions)... Moderate Unreviewed
CVE-2019-5695 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel... Moderate Unreviewed
CVE-2019-5694 was published May 24, 2022
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream... Moderate Unreviewed
CVE-2019-5701 was published May 24, 2022
Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an... High Unreviewed
CVE-2019-7956 was published May 24, 2022
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10... High Unreviewed
CVE-2021-33063 was published May 24, 2022
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or... High Unreviewed
CVE-2020-12892 was published May 24, 2022
When Octopus Server is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26556 was published May 24, 2022
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26557 was published May 24, 2022
SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that... High Unreviewed
CVE-2021-36297 was published May 24, 2022
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local... High Unreviewed
CVE-2021-31841 was published May 24, 2022
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719... High Unreviewed
CVE-2021-3633 was published May 24, 2022
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a... High Unreviewed
CVE-2021-36770 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API