Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

401 advisories

Loading
Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an... High Unreviewed
CVE-2018-0620 was published May 14, 2022
AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability. High Unreviewed
CVE-2018-13102 was published May 14, 2022
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows... High Unreviewed
CVE-2016-10009 was published May 14, 2022
Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation... High Unreviewed
CVE-2018-13133 was published May 14, 2022
Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup &... High Unreviewed
CVE-2018-0563 was published May 14, 2022
Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse... High Unreviewed
CVE-2018-12589 was published May 14, 2022
Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an... High Unreviewed
CVE-2018-0599 was published May 14, 2022
Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker... High Unreviewed
CVE-2018-0609 was published May 14, 2022
Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled... High Unreviewed
CVE-2018-0598 was published May 14, 2022
Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a... High Unreviewed
CVE-2018-0601 was published May 14, 2022
Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01... High Unreviewed
CVE-2018-0600 was published May 14, 2022
Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to... High Unreviewed
CVE-2018-0595 was published May 14, 2022
Untrusted search path vulnerability in the installer of Visual Studio Community allows an... High Unreviewed
CVE-2018-0596 was published May 14, 2022
Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges... High Unreviewed
CVE-2018-0594 was published May 14, 2022
Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to... High Unreviewed
CVE-2018-0593 was published May 14, 2022
Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges... High Unreviewed
CVE-2018-0592 was published May 14, 2022
The Firefox installer on Windows can be made to load malicious DLL files stored in the same... High Unreviewed
CVE-2017-7755 was published May 14, 2022
In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x... High Unreviewed
CVE-2018-6514 was published May 14, 2022
An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the... High Unreviewed
CVE-2018-7884 was published May 14, 2022
AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote... High Unreviewed
CVE-2018-11551 was published May 14, 2022
There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2... High Unreviewed
CVE-2018-10650 was published May 14, 2022
Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability.... High Unreviewed
CVE-2018-4927 was published May 14, 2022
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for... High Unreviewed
CVE-2018-0580 was published May 14, 2022
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious ... High Unreviewed
CVE-2018-10027 was published May 14, 2022
The Installer in Whale allows DLL hijacking. High Unreviewed
CVE-2017-15913 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database