Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

129 advisories

Loading
SAP HCM Fiori App My Forms (Fiori 2.0) - version 605, does not perform necessary authorization... Moderate Unreviewed
CVE-2023-1903 was published Apr 11, 2023
An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe... Moderate Unreviewed
CVE-2022-48223 was published Apr 4, 2023
McAfee Total Protection prior to 16.0.49 allows attackers to elevate user privileges due to DLL... Moderate Unreviewed
CVE-2023-24578 was published Mar 13, 2023
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired... Moderate Unreviewed
CVE-2023-25147 was published Mar 10, 2023
On versions beginning in 7.1.5 to before 7.2.3.1, a DLL hijacking vulnerability exists in the BIG... Moderate Unreviewed
CVE-2023-22283 was published Feb 1, 2023
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation... Moderate Unreviewed
CVE-2022-47632 was published Jan 27, 2023
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path... Moderate Unreviewed
CVE-2022-36314 was published Dec 22, 2022
An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions... Moderate Unreviewed
CVE-2022-3859 was published Nov 30, 2022
IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local... Moderate Unreviewed
CVE-2022-40746 was published Nov 21, 2022
A cryptographic vulnerability exists on Node.js on linux in versions of 18.x prior to 18.40.0... Moderate Unreviewed
CVE-2022-32222 was published Jul 15, 2022
NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Driver (all versions)... Moderate Unreviewed
CVE-2019-5695 was published May 24, 2022
NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vulnerability when GameStream... Moderate Unreviewed
CVE-2019-5701 was published May 24, 2022
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel... Moderate Unreviewed
CVE-2019-5694 was published May 24, 2022
IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the... Moderate Unreviewed
CVE-2020-4623 was published May 24, 2022
Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended... Moderate Unreviewed
CVE-2021-35957 was published May 24, 2022
A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for... Moderate Unreviewed
CVE-2021-1567 was published May 24, 2022
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path... Moderate Unreviewed
CVE-2020-9681 was published May 24, 2022
Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path... Moderate Unreviewed
CVE-2020-9667 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... Moderate Unreviewed
CVE-2020-24578 was published May 24, 2022
snapcraft Access Restriction Bypass Moderate
CVE-2020-27348 was published for snapcraft (pip) May 24, 2022
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential... Moderate Unreviewed
CVE-2020-25738 was published May 24, 2022
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security... Moderate Unreviewed
CVE-2020-5419 was published May 24, 2022
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one... Moderate Unreviewed
CVE-2020-12423 was published May 24, 2022
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on... Moderate Unreviewed
CVE-2020-15523 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute... Moderate Unreviewed
CVE-2019-20419 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API