Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

481 advisories

Loading
Untrusted search path vulnerability in the installer in Adobe Flash Player before 10.3.183.20 and... High Unreviewed
CVE-2012-2040 was published May 13, 2022
A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163... High Unreviewed
CVE-2018-18333 was published May 13, 2022
Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer... High Unreviewed
CVE-2017-2130 was published May 13, 2022
A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an... High Unreviewed
CVE-2018-6218 was published May 13, 2022
Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB... High Unreviewed
CVE-2017-2226 was published May 13, 2022
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0... High Unreviewed
CVE-2016-5330 was published May 13, 2022
Puppet Enterprise 2016.4.x prior to 2016.4.12, Puppet Enterprise 2017.3.x prior to 2017.3.7,... High Unreviewed
CVE-2018-6513 was published May 13, 2022
Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2... High Unreviewed
CVE-2011-2019 was published May 13, 2022
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute... High Unreviewed
CVE-2016-6167 was published May 3, 2022
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote... High Unreviewed
CVE-2017-6798 was published May 3, 2022
sinatra does not validate expanded path matches High
CVE-2022-29970 was published for sinatra (RubyGems) May 3, 2022
Untrusted search path vulnerability in the Python module in gedit allows local users to execute... Moderate Unreviewed
CVE-2009-0314 was published May 2, 2022
Untrusted search path vulnerability in ingvalidpw in Ingres 2.6, Ingres 2006 release 1 (aka 9.0.4... High Unreviewed
CVE-2008-3357 was published May 1, 2022
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats... High Unreviewed
CVE-2018-10904 was published Apr 30, 2022
Disputed: OS Command injection in github.com/kardianos/service High
CVE-2022-29583 was published for github.com/kardianos/service (Go) Apr 23, 2022 withdrawn
masinger
Git LFS can execute a binary from the current directory on Windows Critical
CVE-2022-24826 was published for github.com/git-lfs/git-lfs (Go) Apr 22, 2022
yuske
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the... Critical Unreviewed
CVE-2011-4125 was published Apr 22, 2022
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to... High Unreviewed
CVE-2022-25348 was published Apr 1, 2022
Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to... High Unreviewed
CVE-2022-28128 was published Apr 1, 2022
Untrusted Search Path in PNPM High
CVE-2022-26183 was published for pnpm (npm) Mar 23, 2022
Poetry before v1.1.9 contains Untrusted Search Path Critical
CVE-2022-26184 was published for poetry (pip) Mar 23, 2022
Anaconda Anaconda3 through 2021.11.0.0 and Miniconda3 through 11.0.0.0 can create a world... High Unreviewed
CVE-2022-26526 was published Mar 18, 2022
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is... High Unreviewed
CVE-2022-26488 was published Mar 11, 2022
Untrusted Search Path in PostgreSQL Moderate Unreviewed
CVE-2020-14350 was published Feb 15, 2022
Git LFS can execute a Git binary from the current directory on Windows High
CVE-2021-21237 was published for github.com/git-lfs/git-lfs (Go) Feb 15, 2022
Ry0taK
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database