Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,001
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

481 advisories

Loading
Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32... High Unreviewed
CVE-2018-16190 was published May 14, 2022
Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a... High Unreviewed
CVE-2019-5921 was published May 14, 2022
Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to... High Unreviewed
CVE-2019-5922 was published May 14, 2022
A remote code execution vulnerability exists when the Visual Studio C++ Redistributable Installer... High Unreviewed
CVE-2019-0809 was published May 14, 2022
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '... Critical Unreviewed
CVE-2018-19486 was published May 14, 2022
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where... Moderate Unreviewed
CVE-2019-8453 was published May 14, 2022
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2,... High Unreviewed
CVE-2015-0096 was published May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,... High Unreviewed
CVE-2016-0016 was published May 14, 2022
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and... High Unreviewed
CVE-2016-0018 was published May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,... High Unreviewed
CVE-2016-0014 was published May 14, 2022
BestXsoftware Best Free Keylogger before 6.0.0 allows local users to gain privileges via a Trojan... High Unreviewed
CVE-2018-18519 was published May 14, 2022
Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker... High Unreviewed
CVE-2018-18913 was published May 13, 2022
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before... High Unreviewed
CVE-2017-7642 was published May 13, 2022
A vulnerability in the build procedure for certain executable system files installed at boot time... High Unreviewed
CVE-2017-6768 was published May 13, 2022
Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with... High Unreviewed
CVE-2017-2149 was published May 13, 2022
Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 ... High Unreviewed
CVE-2017-2209 was published May 13, 2022
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before... High Unreviewed
CVE-2017-15566 was published May 13, 2022
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive... High Unreviewed
CVE-2017-11158 was published May 13, 2022
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader... High Unreviewed
CVE-2017-11159 was published May 13, 2022
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local... High Unreviewed
CVE-2017-12252 was published May 13, 2022
The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking. High Unreviewed
CVE-2018-12449 was published May 13, 2022
IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a... High Unreviewed
CVE-2018-1435 was published May 13, 2022
IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by... High Unreviewed
CVE-2018-1437 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could... High Unreviewed
CVE-2018-1458 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1... High Unreviewed
CVE-2018-1487 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database