Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

411 advisories

Loading
Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3... High Unreviewed
CVE-2022-41796 was published Oct 24, 2022
Poetry vulnerable to Untrusted Search Path leading to Local Code Execution on Windows High
CVE-2022-36070 was published for poetry (pip) Oct 11, 2022
paul-gerste-sonarsource
Untrusted search path vulnerability in the installer of Device Software Manager prior to Ver.2.20... High Unreviewed
CVE-2022-36403 was published Sep 9, 2022
Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026,... High Unreviewed
CVE-2022-22047 was published Jul 13, 2022
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and... High Unreviewed
CVE-2019-18996 was published May 24, 2022
Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an... High Unreviewed
CVE-2019-7956 was published May 24, 2022
Uncontrolled search path in the Intel(R) RealSense(TM) D400 Series UWP driver for Windows 10... High Unreviewed
CVE-2021-33063 was published May 24, 2022
An untrusted search path in AMD Radeon settings Installer may lead to a privilege escalation or... High Unreviewed
CVE-2020-12892 was published May 24, 2022
When Octopus Tentacle is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26557 was published May 24, 2022
When Octopus Server is installed using a custom folder location, folder ACLs are not set... High Unreviewed
CVE-2021-26556 was published May 24, 2022
SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that... High Unreviewed
CVE-2021-36297 was published May 24, 2022
A DLL sideloading vulnerability in McAfee Agent for Windows prior to 5.7.4 could allow a local... High Unreviewed
CVE-2021-31841 was published May 24, 2022
A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719... High Unreviewed
CVE-2021-3633 was published May 24, 2022
Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a... High Unreviewed
CVE-2021-36770 was published May 24, 2022
The OpenSSL component of the Teradici PCoIP Software Client prior to version 21.07.0 was compiled... High Unreviewed
CVE-2021-25699 was published May 24, 2022
The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled... High Unreviewed
CVE-2021-25698 was published May 24, 2022
Untrusted search path vulnerability in The Installer of Overwolf 2.168.0.n and earlier allows an... High Unreviewed
CVE-2021-20726 was published May 24, 2022
Untrusted search path vulnerability in the installers of ScanSnap Manager prior to versions V7... High Unreviewed
CVE-2021-20722 was published May 24, 2022
GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, libgcc_s_dw2-1.dll and... High Unreviewed
CVE-2021-26807 was published May 24, 2022
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3.... High Unreviewed
CVE-2021-29221 was published May 24, 2022
The Dolby Audio X2 (DAX2) API service before 0.8.8.90 on Windows allows local users to gain... High Unreviewed
CVE-2021-3146 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28249 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by... High Unreviewed
CVE-2021-28246 was published May 24, 2022
In Edge Client version 7.2.x before 7.2.1.1, 7.1.9.x before 7.1.9.8, and 7.1.x-7.1.8.x before 7.1... High Unreviewed
CVE-2021-22980 was published May 24, 2022
Acronis True Image for Windows prior to 2021 Update 3 allowed local privilege escalation due to a... High Unreviewed
CVE-2020-35145 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database