Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

686 advisories

Loading
DLL Injection in kerberos High
CVE-2020-13110 was published for kerberos (npm) Sep 4, 2020
jhutchings1
Insecure path handling in Bundler High
CVE-2019-3881 was published for bundler (RubyGems) May 10, 2021
Local Privilege Escalation in cloudflared High
CVE-2020-24356 was published for github.com/cloudflare/cloudflared (Go) May 24, 2021
AgentBTZ uhthomas
Arbitrary code execution due to an uncontrolled search path for the git binary Critical
CVE-2021-28955 was published for github.com/MichaelMure/git-bug (Go) May 25, 2021
Uncontrolled Search Path Element in sharkdp/bat High
CVE-2021-36753 was published for bat (Rust) Aug 25, 2021
Relative Path Traversal in git-delta High
CVE-2021-36376 was published for git-delta (Rust) Aug 25, 2021
Antilles Dependency Confusion Vulnerability High
CVE-2021-3840 was published for antilles-tools (pip) Nov 3, 2021
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2021-44199 was published Nov 30, 2021
DLL hijacking could lead to local privilege escalation. The following products are affected:... High Unreviewed
CVE-2021-44198 was published Nov 30, 2021
An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 and below, 6.2.x, 6.0.x... High Unreviewed
CVE-2021-32592 was published Dec 2, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. The Unitrends Windows... High Unreviewed
CVE-2021-43037 was published Dec 7, 2021
SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and earlier have a DLL Search... High Unreviewed
CVE-2021-20047 was published Dec 9, 2021
Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to... High Unreviewed
CVE-2021-4007 was published Dec 15, 2021
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL... High Unreviewed
CVE-2021-40161 was published Dec 24, 2021
Users have access to the directory where the installation repair occurs. Since the MS Installer... High Unreviewed
CVE-2021-30360 was published Jan 11, 2022
Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a... High Unreviewed
CVE-2022-0129 was published Jan 12, 2022
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent... High Unreviewed
CVE-2022-0015 was published Jan 13, 2022
Missing DLLs, if replaced by an insider, could allow an attacker to achieve local privilege... High Unreviewed
CVE-2021-44463 was published Jan 29, 2022
Local privilege escalation due to DLL hijacking vulnerability in Acronis Media Builder service.... High Unreviewed
CVE-2021-44206 was published Feb 10, 2022
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2021-44205 was published Feb 10, 2022
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged... High Unreviewed
CVE-2020-12891 was published Feb 10, 2022
SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system... High Unreviewed
CVE-2022-22528 was published Feb 11, 2022
Uncontrolled search path in the Intel(R) GPA software before version 21.2 may allow an... High Unreviewed
CVE-2021-33101 was published Feb 11, 2022
Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and... Moderate Unreviewed
CVE-2021-0169 was published Feb 11, 2022
Git LFS can execute a Git binary from the current directory Critical
CVE-2020-27955 was published for github.com/git-lfs/git-lfs (Go) Feb 11, 2022
dawidgolunski
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database