Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,973
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,984
npm
3,519
NuGet
611
pip
3,097
Pub
10
RubyGems
834
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

580 advisories

Loading
DLL Injection in kerberos High
CVE-2020-13110 was published for kerberos (npm) Sep 4, 2020
jhutchings1
Insecure path handling in Bundler High
CVE-2019-3881 was published for bundler (RubyGems) May 10, 2021
Local Privilege Escalation in cloudflared High
CVE-2020-24356 was published for github.com/cloudflare/cloudflared (Go) May 24, 2021
AgentBTZ uhthomas
Arbitrary code execution due to an uncontrolled search path for the git binary Critical
CVE-2021-28955 was published for github.com/MichaelMure/git-bug (Go) May 25, 2021
Uncontrolled Search Path Element in sharkdp/bat High
CVE-2021-36753 was published for bat (Rust) Aug 25, 2021
Relative Path Traversal in git-delta High
CVE-2021-36376 was published for git-delta (Rust) Aug 25, 2021
Antilles Dependency Confusion Vulnerability High
CVE-2021-3840 was published for antilles-tools (pip) Nov 3, 2021
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2021-44199 was published Nov 30, 2021
DLL hijacking could lead to local privilege escalation. The following products are affected:... High Unreviewed
CVE-2021-44198 was published Nov 30, 2021
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x... High Unreviewed
CVE-2021-32592 was published Dec 2, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows... High Unreviewed
CVE-2021-43037 was published Dec 7, 2021
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search... High Unreviewed
CVE-2021-20047 was published Dec 9, 2021
Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to... High Unreviewed
CVE-2021-4007 was published Dec 15, 2021
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL... High Unreviewed
CVE-2021-40161 was published Dec 24, 2021
Users have access to the directory where the installation repair occurs. Since the MS Installer... High Unreviewed
CVE-2021-30360 was published Jan 11, 2022
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a... High Unreviewed
CVE-2022-0129 was published Jan 12, 2022
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent... High Unreviewed
CVE-2022-0015 was published Jan 13, 2022
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege... High Unreviewed
CVE-2021-44463 was published Jan 29, 2022
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2021-44205 was published Feb 10, 2022
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service.... High Unreviewed
CVE-2021-44206 was published Feb 10, 2022
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged... High Unreviewed
CVE-2020-12891 was published Feb 10, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an... High Unreviewed
CVE-2021-33101 was published Feb 11, 2022
Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and... Moderate Unreviewed
CVE-2021-0169 was published Feb 11, 2022
Git LFS can execute a Git binary from the current directory Critical
CVE-2020-27955 was published for github.com/git-lfs/git-lfs (Go) Feb 11, 2022
dawidgolunski
ProTip! Advisories are also available from the GraphQL API