GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,170
Erlang: 30
GitHub Actions: 19
Go: 1,981
Maven: 5,000+
npm: 3,700
NuGet: 656
pip: 3,319
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
135 advisories
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic...
Moderate | Unreviewed | CVE-2020-25182 was published Mar 19, 2022

When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path...
Moderate | Unreviewed | CVE-2022-36314 was published Dec 22, 2022

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on...
Moderate | Unreviewed | CVE-2020-15523 was published May 24, 2022

A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for...
Moderate | Unreviewed | CVE-2021-1567 was published May 24, 2022

An uncontrolled search path vulnerability exists in Trellix Agent (TA) for Windows in versions...
Moderate | Unreviewed | CVE-2022-3859 was published Nov 30, 2022

Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking)...
Moderate | Unreviewed | CVE-2019-7960 was published May 24, 2022

In Sony Catalyst Production Suite through 2019.1 (1.1.0.21) and Catalyst Browse through 2019.1 (1...
Moderate | Unreviewed | CVE-2019-19364 was published May 24, 2022

Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL...
Moderate | Unreviewed | CVE-2019-19689 was published May 24, 2022

The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write...
Moderate | Unreviewed | CVE-2019-20400 was published May 24, 2022

The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5,...
Moderate | Unreviewed | CVE-2019-20406 was published May 24, 2022

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows...
Moderate | Unreviewed | CVE-2020-3153 was published May 24, 2022

Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions...
Moderate | Unreviewed | CVE-2020-0515 was published May 24, 2022

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017...
Moderate | Unreviewed | CVE-2020-3803 was published May 24, 2022

A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16....
Moderate | Unreviewed | CVE-2020-12431 was published May 24, 2022

In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element...
Moderate | Unreviewed | CVE-2020-10626 was published May 24, 2022

Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and...
Moderate | Unreviewed | CVE-2020-11613 was published May 24, 2022

A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),...
Moderate | Unreviewed | CVE-2020-7585 was published May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute...
Moderate | Unreviewed | CVE-2019-20419 was published May 24, 2022

RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security...
Moderate | Unreviewed | CVE-2020-5419 was published May 24, 2022

CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential...
Moderate | Unreviewed | CVE-2020-25738 was published May 24, 2022

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path...
Moderate | Unreviewed | CVE-2020-9681 was published May 24, 2022

Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path...
Moderate | Unreviewed | CVE-2020-9667 was published May 24, 2022

Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended...
Moderate | Unreviewed | CVE-2021-35957 was published May 24, 2022

IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the...
Moderate | Unreviewed | CVE-2020-4623 was published May 24, 2022

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in NVIDIA Control Panel...
Moderate | Unreviewed | CVE-2019-5694 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.