Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion Moderate
CVE-2024-53866 was published for pnpm (npm) Dec 10, 2024
ChALkeR
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality... Moderate Unreviewed
CVE-2023-32266 was published Oct 16, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client... Moderate Unreviewed
CVE-2024-45281 was published Sep 10, 2024
Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting... Moderate Unreviewed
CVE-2024-42439 was published Aug 14, 2024
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the... Moderate Unreviewed
CVE-2024-36071 was published Jun 20, 2024
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated... Moderate Unreviewed
CVE-2023-39212 was published Aug 9, 2023
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to... Moderate Unreviewed
CVE-2023-39201 was published Sep 12, 2023
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are... Moderate Unreviewed
CVE-2023-29299 was published Aug 10, 2023
An issue was discovered in Xen through 4.14.x. A guest may access xenstore paths via absolute... Moderate Unreviewed
CVE-2020-29482 was published May 24, 2022
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total... Moderate Unreviewed
CVE-2019-17100 was published May 24, 2022
A DLL side loading vulnerability in the Windows Service in TeamViewer versions up to 11.0.133222 ... Moderate Unreviewed
CVE-2019-18196 was published May 24, 2022
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection ... Moderate Unreviewed
CVE-2019-3646 was published May 24, 2022
Redbrick Shift through 3.4.3 allows an attacker to extract emails of services (such as Gmail,... Moderate Unreviewed
CVE-2019-12912 was published May 24, 2022
HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability... Moderate Unreviewed
CVE-2019-5245 was published May 24, 2022
Avira Software Updater before 2.0.6.21094 allows a DLL side-loading attack. Moderate Unreviewed
CVE-2019-17449 was published May 24, 2022
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated... Moderate Unreviewed
CVE-2024-25103 was published Mar 6, 2024
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This... Moderate Unreviewed
CVE-2023-6061 was published Dec 8, 2023
Apache Ranger policy engine incorrectly matches paths in certain conditions Moderate
CVE-2016-8746 was published for org.apache.ranger:ranger-plugins-common (Maven) Oct 17, 2018
Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows... Moderate Unreviewed
CVE-2010-4831 was published May 17, 2022
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21... Moderate Unreviewed
CVE-2023-23920 was published Feb 23, 2023
Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where... Moderate Unreviewed
CVE-2019-8453 was published May 14, 2022
DLL Search Order Hijacking vulnerability in Microsoft Windows client in McAfee Total Protection ... Moderate Unreviewed
CVE-2019-3587 was published May 13, 2022
Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,... Moderate Unreviewed
CVE-2014-0315 was published May 13, 2022
Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain... Moderate Unreviewed
CVE-2010-3159 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database