Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

452 advisories

A local low privileged attacker can use an untrusted search path in... High Unreviewed
CVE-2024-28133 was published May 14, 2024
Windows Kernel Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-20693 was published Apr 9, 2024
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-20754 was published Mar 18, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-26198 was published Mar 12, 2024
Windows OLE Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21435 was published Mar 12, 2024
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated... Moderate Unreviewed
CVE-2024-25103 was published Mar 6, 2024
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only) High
CVE-2024-27303 was published for app-builder-lib (npm) Mar 4, 2024
bruno-1337
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to... High Unreviewed
CVE-2024-24697 was published Feb 14, 2024
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
GHSA-8v28-3g86-chj5 was published for PanelSwWix4.Sdk (NuGet) Feb 8, 2024
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
GHSA-259p-rvjx-ffwg was published for PanelSW.Custom.WiX (NuGet) Feb 8, 2024
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges High
CVE-2024-24810 was published for wix (NuGet) Feb 8, 2024
ppv-milestone robmen
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a... High Unreviewed
CVE-2024-23304 was published Feb 6, 2024
Yarn untrusted search path vulnerability High
CVE-2021-4435 was published for yarn (npm) Feb 4, 2024
Untrusted search path under some conditions on Windows allows arbitrary code execution High
CVE-2024-22190 was published for GitPython (pip) Jan 10, 2024
EliahKagan
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21325 was published Jan 9, 2024
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation... High Unreviewed
CVE-2023-48670 was published Dec 22, 2023
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for... High Unreviewed
CVE-2023-43586 was published Dec 14, 2023
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This... Moderate Unreviewed
CVE-2023-6061 was published Dec 8, 2023
Apache Hadoop allows local user to gain root privileges High
CVE-2023-26031 was published for org.apache.hadoop:hadoop-yarn-project (Maven) Nov 16, 2023
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged... Low Unreviewed
CVE-2023-39202 was published Nov 15, 2023
A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to... High Unreviewed
CVE-2023-41840 was published Nov 14, 2023
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the... High Unreviewed
CVE-2021-26738 was published Oct 23, 2023
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to... Moderate Unreviewed
CVE-2023-39201 was published Sep 12, 2023
Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833. High Unreviewed
CVE-2023-4736 was published Sep 2, 2023
GitPython untrusted search path on Windows systems leading to arbitrary code execution High
CVE-2023-40590 was published for gitpython (pip) Aug 29, 2023
stsewd MicaelJarniac
ProTip! Advisories are also available from the GraphQL API