Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail... Critical Unreviewed
CVE-2024-38462 was published Jun 16, 2024
SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion... Critical Unreviewed
CVE-2023-30330 was published May 23, 2023
A vulnerability was found in Redis. It has been declared as critical. This vulnerability affects... Critical Unreviewed
CVE-2022-3734 was published Oct 28, 2022
Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an... Critical Unreviewed
CVE-2017-2225 was published May 17, 2022
Format Factory 4.1.0 has a DLL Hijacking Vulnerability because an untrusted search path is used... Critical Unreviewed
CVE-2017-12414 was published May 17, 2022
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '... Critical Unreviewed
CVE-2018-19486 was published May 14, 2022
Git LFS can execute a binary from the current directory on Windows Critical
CVE-2022-24826 was published for github.com/git-lfs/git-lfs (Go) Apr 22, 2022
yuske
A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the... Critical Unreviewed
CVE-2011-4125 was published Apr 22, 2022
Poetry before v1.1.9 contains Untrusted Search Path Critical
CVE-2022-26184 was published for poetry (pip) Mar 23, 2022
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can... Critical Unreviewed
CVE-2022-21817 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database