GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
483 advisories
Filter by severity
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail...
Critical
Unreviewed
CVE-2024-38462
was published
Jun 16, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30100
was published
Jun 11, 2024
A local low privileged attacker can use an untrusted search path in...
High
Unreviewed
CVE-2024-28133
was published
May 14, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-20693
was published
Apr 9, 2024
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path...
High
Unreviewed
CVE-2024-20754
was published
Mar 18, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-26198
was published
Mar 12, 2024
Windows OLE Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21435
was published
Mar 12, 2024
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated...
Moderate
Unreviewed
CVE-2024-25103
was published
Mar 6, 2024
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)
High
CVE-2024-27303
was published
for
app-builder-lib
(npm)
Mar 4, 2024
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to...
High
Unreviewed
CVE-2024-24697
was published
Feb 14, 2024
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
GHSA-8v28-3g86-chj5
was published
for
PanelSwWix4.Sdk
(NuGet)
Feb 8, 2024
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
GHSA-259p-rvjx-ffwg
was published
for
PanelSW.Custom.WiX
(NuGet)
Feb 8, 2024
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
CVE-2024-24810
was published
for
wix
(NuGet)
Feb 8, 2024
Cybozu KUNAI for Android 3.0.20 to 3.0.21 allows a remote unauthenticated attacker to cause a...
High
Unreviewed
CVE-2024-23304
was published
Feb 6, 2024
Yarn untrusted search path vulnerability
High
CVE-2021-4435
was published
for
yarn
(npm)
Feb 4, 2024
Untrusted search path under some conditions on Windows allows arbitrary code execution
High
CVE-2024-22190
was published
for
GitPython
(pip)
Jan 10, 2024
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21325
was published
Jan 9, 2024
Dell SupportAssist for Home PCs version 3.14.1 and prior versions contain a privilege escalation...
High
Unreviewed
CVE-2023-48670
was published
Dec 22, 2023
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for...
High
Unreviewed
CVE-2023-43586
was published
Dec 14, 2023
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This...
Moderate
Unreviewed
CVE-2023-6061
was published
Dec 8, 2023
Apache Hadoop allows local user to gain root privileges
High
CVE-2023-26031
was published
for
org.apache.hadoop:hadoop-yarn-project
(Maven)
Nov 16, 2023
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged...
Low
Unreviewed
CVE-2023-39202
was published
Nov 15, 2023
A untrusted search path vulnerability in Fortinet FortiClientWindows 7.0.9 allows an attacker to...
High
Unreviewed
CVE-2023-41840
was published
Nov 14, 2023
Zscaler Client Connector for macOS prior to 3.7 had an unquoted search path vulnerability via the...
High
Unreviewed
CVE-2021-26738
was published
Oct 23, 2023
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to...
Moderate
Unreviewed
CVE-2023-39201
was published
Sep 12, 2023
ProTip!
Advisories are also available from the
GraphQL API