GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
64 advisories
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
Moderate | CVE-2024-53866 was published for pnpm (npm) | Dec 10, 2024

Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM), Quality...
Moderate | Unreviewed | CVE-2023-32266 was published | Oct 16, 2024

SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client...
Moderate | Unreviewed | CVE-2024-45281 was published | Sep 10, 2024

An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate | Unreviewed | CVE-2024-5623 was published | Aug 29, 2024

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting...
Moderate | Unreviewed | CVE-2024-42439 was published | Aug 14, 2024

Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the...
Moderate | Unreviewed | CVE-2024-36071 was published | Jun 20, 2024

This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated...
Moderate | Unreviewed | CVE-2024-25103 was published | Mar 6, 2024

Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This...
Moderate | Unreviewed | CVE-2023-6061 was published | Dec 8, 2023

Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to...
Moderate | Unreviewed | CVE-2023-39201 was published | Sep 12, 2023

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are...
Moderate | Unreviewed | CVE-2023-29299 was published | Aug 10, 2023

Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated...
Moderate | Unreviewed | CVE-2023-39212 was published | Aug 9, 2023

An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21...
Moderate | Unreviewed | CVE-2023-23920 was published | Feb 23, 2023

Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability...
Moderate | Unreviewed | CVE-2021-21562 was published | May 24, 2022

NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions)...
Moderate | Unreviewed | CVE-2019-5695 was published | May 24, 2022

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel...
Moderate | Unreviewed | CVE-2019-5694 was published | May 24, 2022

NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream...
Moderate | Unreviewed | CVE-2019-5701 was published | May 24, 2022

Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by an Unquoted...
Moderate | Unreviewed | CVE-2021-21078 was published | May 24, 2022

Adobe Dreamweaver versions 21.0 (and earlier) and 20.2 (and earlier) is affected by an untrusted...
Moderate | Unreviewed | CVE-2021-21055 was published | May 24, 2022

An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute...
Moderate | Unreviewed | CVE-2020-29482 was published | May 24, 2022

Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades...
Moderate | Unreviewed | CVE-2020-6014 was published | May 24, 2022

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability....
Moderate | Unreviewed | CVE-2020-9106 was published | May 24, 2022

DLL Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to...
Moderate | Unreviewed | CVE-2020-7315 was published | May 24, 2022

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be...
Moderate | Unreviewed | CVE-2020-24160 was published | May 24, 2022

NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers...
Moderate | Unreviewed | CVE-2020-24159 was published | May 24, 2022

Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability. Attackers...
Moderate | Unreviewed | CVE-2020-24161 was published | May 24, 2022