Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

393 advisories

Loading
An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the... High Unreviewed
CVE-2017-2802 was published May 14, 2022
The Installer in Whale allows DLL hijacking. High Unreviewed
CVE-2017-15913 was published May 14, 2022
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious ... High Unreviewed
CVE-2018-10027 was published May 14, 2022
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for... High Unreviewed
CVE-2018-0580 was published May 14, 2022
Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability.... High Unreviewed
CVE-2018-4927 was published May 14, 2022
There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2... High Unreviewed
CVE-2018-10650 was published May 14, 2022
AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote... High Unreviewed
CVE-2018-11551 was published May 14, 2022
An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the... High Unreviewed
CVE-2018-7884 was published May 14, 2022
In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x... High Unreviewed
CVE-2018-6514 was published May 14, 2022
The Firefox installer on Windows can be made to load malicious DLL files stored in the same... High Unreviewed
CVE-2017-7755 was published May 14, 2022
Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges... High Unreviewed
CVE-2018-0592 was published May 14, 2022
Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to... High Unreviewed
CVE-2018-0593 was published May 14, 2022
Untrusted search path vulnerability in the installer of Visual Studio Community allows an... High Unreviewed
CVE-2018-0596 was published May 14, 2022
Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges... High Unreviewed
CVE-2018-0594 was published May 14, 2022
Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to... High Unreviewed
CVE-2018-0595 was published May 14, 2022
Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a... High Unreviewed
CVE-2018-0601 was published May 14, 2022
Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01... High Unreviewed
CVE-2018-0600 was published May 14, 2022
Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled... High Unreviewed
CVE-2018-0598 was published May 14, 2022
Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker... High Unreviewed
CVE-2018-0609 was published May 14, 2022
Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an... High Unreviewed
CVE-2018-0599 was published May 14, 2022
Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse... High Unreviewed
CVE-2018-12589 was published May 14, 2022
Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup &... High Unreviewed
CVE-2018-0563 was published May 14, 2022
Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation... High Unreviewed
CVE-2018-13133 was published May 14, 2022
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows... High Unreviewed
CVE-2016-10009 was published May 14, 2022
AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability. High Unreviewed
CVE-2018-13102 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database