GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
16 advisories
Arbitrary code execution due to an uncontrolled search path for the git binary
Critical | CVE-2021-28955 was published for github.com/MichaelMure/git-bug (Go) | May 25, 2021

Git LFS can execute a Git binary from the current directory
Critical | CVE-2020-27955 was published for github.com/git-lfs/git-lfs (Go) | Feb 11, 2022

Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have an Uncontrolled Search...
Critical | Unreviewed | CVE-2022-24955 was published | Feb 12, 2022

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load...
Critical | Unreviewed | CVE-2019-7653 was published | May 13, 2022

SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ...
Critical | Unreviewed | CVE-2019-9546 was published | May 13, 2022

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical | Unreviewed | CVE-2017-3090 was published | May 13, 2022

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical | Unreviewed | CVE-2017-3097 was published | May 13, 2022

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading...
Critical | Unreviewed | CVE-2017-3092 was published | May 13, 2022

Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote...
Critical | Unreviewed | CVE-2017-6517 was published | May 13, 2022

Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability....
Critical | Unreviewed | CVE-2018-12805 was published | May 13, 2022

A vulnerability was found in Redis. It has been declared as critical. This vulnerability affects...
Critical | Unreviewed | CVE-2022-3734 was published | Oct 28, 2022

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5...
Critical | Unreviewed | CVE-2022-34825 was published | Nov 9, 2022

An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer...
Critical | Unreviewed | CVE-2023-25143 was published | Mar 10, 2023

pipreqs vulnerable to Dependency Confusion
Critical | CVE-2023-31543 was published for pipreqs (pip) | Jun 30, 2023

SAP Business Objects Installer - versions 420, 430, allows an authenticated attacker within the...
Critical | Unreviewed | CVE-2023-37490 was published | Aug 8, 2023

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for...
Critical | Unreviewed | CVE-2024-23054 was published | Feb 5, 2024
ProTip! Advisories are also available from the GraphQL API.