GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
686 advisories
In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting...
High · Unreviewed · CVE-2019-9896 was published May 13, 2022

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load...
Critical · Unreviewed · CVE-2019-7653 was published May 13, 2022

Uncontrolled search path in the Intel(R) XTU software before version 7.3.0.33 may allow an...
High · Unreviewed · CVE-2022-22139 was published May 13, 2022

A vulnerability exists in XINJE XD/E Series PLC Program Tool in versions up to v3.5.1 that can...
High · Unreviewed · CVE-2021-34606 was published May 12, 2022

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent...
High · Unreviewed · CVE-2022-0025 was published May 12, 2022

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x...
Moderate · Unreviewed · CVE-2022-28247 was published May 12, 2022

A misconfiguration in the node default path allows for local privilege escalation from a lower...
High · Unreviewed · CVE-2021-42743 was published May 7, 2022

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High · Unreviewed · CVE-2022-28714 was published May 6, 2022

SonicWall Global VPN Client 4.10.7.1117 installer (32-bit and 64-bit) and earlier versions have a...
High · Unreviewed · CVE-2021-20051 was published May 5, 2022

DLL hijacking vulnerability in Gear IconX PC Manager prior to version 2.1.220405.51 allows...
High · Unreviewed · CVE-2022-28792 was published May 4, 2022

Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local...
High · Unreviewed · CVE-2005-0457 was published May 1, 2022

A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175...
High · Unreviewed · CVE-2022-0192 was published Apr 23, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
High · Unreviewed · CVE-2022-23449 was published Apr 13, 2022

DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to...
High · Unreviewed · CVE-2022-27842 was published Apr 12, 2022

Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows...
High · Unreviewed · CVE-2022-28541 was published Apr 12, 2022

DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute...
High · Unreviewed · CVE-2022-27843 was published Apr 12, 2022

Uncontrolled search path element vulnerability in Samsung Android USB Driver windows installer...
High · Unreviewed · CVE-2022-28779 was published Apr 12, 2022

A DLL hijacking vulnerability in Samsung portable SSD T5 PC software before 1.6.9 could allow a...
High · Unreviewed · CVE-2022-25154 was published Apr 6, 2022

Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking...
High · Unreviewed · CVE-2022-1098 was published Apr 3, 2022

Dell Command | Update, Dell Update, and Alienware Update versions prior to 4.5 contain a Local...
High · Unreviewed · CVE-2022-24426 was published Apr 2, 2022

The G-RAID 4/8 Software Utility setups for Windows were affected by a DLL hijacking vulnerability...
High · Unreviewed · CVE-2022-22996 was published Mar 31, 2022

Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on ...
High · Unreviewed · CVE-2021-44226 was published Mar 25, 2022

Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic...
Moderate · Unreviewed · CVE-2020-25182 was published Mar 19, 2022

The installer of WPS Office Version 10.8.0.5745 insecurely loads shcore.dll, allowing an attacker...
High · Unreviewed · CVE-2022-26081 was published Mar 18, 2022