Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

386 advisories

Loading
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server Container... High Unreviewed
CVE-2022-0074 was published Oct 28, 2022
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3... High Unreviewed
CVE-2022-41796 was published Oct 24, 2022
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows High
CVE-2022-36070 was published for poetry (pip) Oct 11, 2022
paul-gerste-sonarsource
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20... High Unreviewed
CVE-2022-36403 was published Sep 9, 2022
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and... High Unreviewed
CVE-2019-18996 was published May 24, 2022
Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an... High Unreviewed
CVE-2019-7956 was published May 24, 2022
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10... High Unreviewed
CVE-2021-33063 was published May 24, 2022
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or... High Unreviewed
CVE-2020-12892 was published May 24, 2022
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26557 was published May 24, 2022
When Octopus Server is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26556 was published May 24, 2022
SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that... High Unreviewed
CVE-2021-36297 was published May 24, 2022
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local... High Unreviewed
CVE-2021-31841 was published May 24, 2022
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719... High Unreviewed
CVE-2021-3633 was published May 24, 2022
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a... High Unreviewed
CVE-2021-36770 was published May 24, 2022
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled... High Unreviewed
CVE-2021-25699 was published May 24, 2022
The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled... High Unreviewed
CVE-2021-25698 was published May 24, 2022
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7... High Unreviewed
CVE-2021-20722 was published May 24, 2022
Untrusted search path vulnerability in The Installer of Overwolf 2.168.0.n and earlier allows an... High Unreviewed
CVE-2021-20726 was published May 24, 2022
GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and... High Unreviewed
CVE-2021-26807 was published May 24, 2022
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3.... High Unreviewed
CVE-2021-29221 was published May 24, 2022
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain... High Unreviewed
CVE-2021-3146 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28246 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28249 was published May 24, 2022
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1... High Unreviewed
CVE-2021-22980 was published May 24, 2022
Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a... High Unreviewed
CVE-2020-35145 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API