Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

490 advisories

Loading
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before... High Unreviewed
CVE-2017-15566 was published May 13, 2022
Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive... High Unreviewed
CVE-2017-11158 was published May 13, 2022
Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader... High Unreviewed
CVE-2017-11159 was published May 13, 2022
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local... High Unreviewed
CVE-2017-12252 was published May 13, 2022
The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking. High Unreviewed
CVE-2018-12449 was published May 13, 2022
IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a... High Unreviewed
CVE-2018-1435 was published May 13, 2022
IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by... High Unreviewed
CVE-2018-1437 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could... High Unreviewed
CVE-2018-1458 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1... High Unreviewed
CVE-2018-1487 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1... High Unreviewed
CVE-2018-1802 was published May 13, 2022
An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on... High Unreviewed
CVE-2018-1888 was published May 13, 2022
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or... High Unreviewed
CVE-2018-5470 was published May 13, 2022
DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110... High Unreviewed
CVE-2018-6661 was published May 13, 2022
DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK)... High Unreviewed
CVE-2018-6700 was published May 13, 2022
All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted... High Unreviewed
CVE-2018-7365 was published May 13, 2022
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection ... Moderate Unreviewed
CVE-2019-3587 was published May 13, 2022
A DLL search path vulnerability was reported in Lenovo Bootable Generator, prior to version Mar... High Unreviewed
CVE-2019-6154 was published May 13, 2022
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before... High Unreviewed
CVE-2017-5996 was published May 13, 2022
In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the vyprvpnservice launch daemon has an... High Unreviewed
CVE-2017-17809 was published May 13, 2022
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,... Moderate Unreviewed
CVE-2014-0315 was published May 13, 2022
Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain... Moderate Unreviewed
CVE-2010-3159 was published May 13, 2022
Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges... High Unreviewed
CVE-2016-9274 was published May 13, 2022
Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading... High Unreviewed
CVE-2017-12892 was published May 13, 2022
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the ... High Unreviewed
CVE-2017-11657 was published May 13, 2022
The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS,... High Unreviewed
CVE-2019-6724 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database