Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

576 advisories

Bloom Uncontrolled Search Path Element vulnerability High
CVE-2023-0247 was published for github.com/bits-and-blooms/bloom (Go) Jan 12, 2023
** DISPUTED ** Insecure folder permissions in the Windows installation path of Shibboleth Service... High Unreviewed
CVE-2023-22947 was published Jan 11, 2023
The following Yokogawa Electric products contain insecure DLL loading issues. CENTUM CS 3000... High Unreviewed
CVE-2022-23401 was published Mar 12, 2022
The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs),... High Unreviewed
CVE-2022-25969 was published Mar 18, 2022
WPS Presentation 11.8.0.5745 insecurely load d3dx9_41.dll when opening .pps files('current... High Unreviewed
CVE-2022-26511 was published Mar 18, 2022
The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker... High Unreviewed
CVE-2022-26081 was published Mar 18, 2022
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic... Moderate Unreviewed
CVE-2020-25182 was published Mar 19, 2022
The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability... High Unreviewed
CVE-2022-22996 was published Mar 31, 2022
Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking... High Unreviewed
CVE-2022-1098 was published Apr 3, 2022
Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.5 contain a Local... High Unreviewed
CVE-2022-24426 was published Apr 2, 2022
A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a... High Unreviewed
CVE-2022-25154 was published Apr 6, 2022
Squirrel.Windows is both a toolset and a library that provides installation and update... High Unreviewed
CVE-2022-46330 was published Dec 21, 2022
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path... Moderate Unreviewed
CVE-2022-36314 was published Dec 22, 2022
Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer... High Unreviewed
CVE-2022-28779 was published Apr 12, 2022
DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to... High Unreviewed
CVE-2022-27842 was published Apr 12, 2022
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows... High Unreviewed
CVE-2022-28541 was published Apr 12, 2022
A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1... High Unreviewed
CVE-2022-23449 was published Apr 13, 2022
DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute... High Unreviewed
CVE-2022-27843 was published Apr 12, 2022
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege... High Unreviewed
CVE-2021-44463 was published Jan 29, 2022
A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175... High Unreviewed
CVE-2022-0192 was published Apr 23, 2022
Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file... High Unreviewed
CVE-2018-14797 was published May 13, 2022
DLL hijacking vulnerability in Smart Switch PC prior to version 4.3.22083_3 allows attacker to... High Unreviewed
CVE-2022-39846 was published Sep 10, 2022
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on... Moderate Unreviewed
CVE-2020-15523 was published May 24, 2022
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a... High Unreviewed
CVE-2022-30701 was published May 28, 2022
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure... High Unreviewed
CVE-2021-1366 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API