GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
469 advisories
Filter by severity
DLL hijacking in the management console of Ivanti Workspace Control version 10.18.0.0 and below...
High
Unreviewed
CVE-2024-44103
was published
Sep 10, 2024
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client...
Moderate
Unreviewed
CVE-2024-45281
was published
Sep 10, 2024
Yandex Browser for Desktop before 24.7.1.380 has a DLL Hijacking Vulnerability because an...
High
Unreviewed
CVE-2024-6473
was published
Sep 3, 2024
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2....
High
Unreviewed
CVE-2024-5622
was published
Aug 29, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated...
Moderate
Unreviewed
CVE-2024-5623
was published
Aug 29, 2024
Dell SupportAssist for Home PCs Installer exe version 4.0.3 contains a privilege escalation...
High
Unreviewed
CVE-2024-38305
was published
Aug 21, 2024
Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting...
Moderate
Unreviewed
CVE-2024-42439
was published
Aug 14, 2024
Dimension versions 3.4.11 and earlier are affected by an Untrusted Search Path vulnerability that...
High
Unreviewed
CVE-2024-41865
was published
Aug 14, 2024
Untrusted Search Path vulnerability in Cato Networks SDP Client on Windows allows Privilege...
High
Unreviewed
CVE-2024-6975
was published
Jul 31, 2024
Premiere Pro versions 23.6.5, 24.4.1 and earlier are affected by an Untrusted Search Path...
High
Unreviewed
CVE-2024-34123
was published
Jul 9, 2024
Microsoft Dataverse Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-35260
was published
Jun 27, 2024
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the...
Moderate
Unreviewed
CVE-2024-36071
was published
Jun 20, 2024
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail...
Critical
Unreviewed
CVE-2024-38462
was published
Jun 16, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30100
was published
Jun 11, 2024
A local low privileged attacker can use an untrusted search path in...
High
Unreviewed
CVE-2024-28133
was published
May 14, 2024
Windows Kernel Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-20693
was published
Apr 9, 2024
Lightroom Desktop versions 7.1.2 and earlier are affected by an Untrusted Search Path...
High
Unreviewed
CVE-2024-20754
was published
Mar 18, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-26198
was published
Mar 12, 2024
Windows OLE Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21435
was published
Mar 12, 2024
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated...
Moderate
Unreviewed
CVE-2024-25103
was published
Mar 6, 2024
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only)
High
CVE-2024-27303
was published
for
app-builder-lib
(npm)
Mar 4, 2024
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to...
High
Unreviewed
CVE-2024-24697
was published
Feb 14, 2024
PanelSwWix4.Sdk .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
GHSA-8v28-3g86-chj5
was published
for
PanelSwWix4.Sdk
(NuGet)
Feb 8, 2024
Panel::Software Customized WiX .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
GHSA-259p-rvjx-ffwg
was published
for
PanelSW.Custom.WiX
(NuGet)
Feb 8, 2024
WiX Toolset's .be TEMP folder is vulnerable to DLL redirection attacks that allow the attacker to escalate privileges
High
CVE-2024-24810
was published
for
wix
(NuGet)
Feb 8, 2024
ProTip!
Advisories are also available from the
GraphQL API