GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,307
Composer 5,343
Erlang 44
GitHub Actions 45
Go 3,196
Maven 6,305
npm 5,177
NuGet 864
pip 4,483
Pub 12
RubyGems 992
Rust 1,186
Swift 51

Unreviewed advisories

All unreviewed 293,767

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

585 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on... High Unreviewed

CVE-2025-0141 was published Jul 10, 2025

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to... Critical Unreviewed

CVE-2025-49457 was published Aug 13, 2025

A vulnerability was found in Mechrevo Control Center GX V2 5.56.51.48. Affected by this... High Unreviewed

CVE-2025-9000 was published Aug 15, 2025

A vulnerability was identified in Mechrevo Control Center GX V2 5.56.51.48. This affects an... High Unreviewed

CVE-2025-9016 was published Aug 15, 2025

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed

CVE-2024-7995 was published Nov 5, 2024

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed

CVE-2025-5335 was published Jun 10, 2025

A maliciously crafted binary file, when present while loading files in certain Autodesk... High Unreviewed

CVE-2025-5039 was published Jul 24, 2025

A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded... High Unreviewed

CVE-2024-11454 was published Dec 9, 2024

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in... High Unreviewed

CVE-2024-6769 was published Sep 26, 2024

Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated... Moderate Unreviewed

CVE-2025-49456 was published Aug 13, 2025

In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2... High Unreviewed

CVE-2025-9267 was published Sep 26, 2025

Unity Editor 2019.1 through 6000.3 could allow remote attackers to exploit file loading and Local... High Unreviewed

CVE-2025-59489 was published Oct 3, 2025

A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects... High Unreviewed

CVE-2025-11940 was published Oct 19, 2025

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026,... High Unreviewed

CVE-2022-22047 was published Jul 13, 2022

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to... High Unreviewed

CVE-2022-23748 was published Nov 18, 2022

NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path Critical

CVE-2025-23266 was published for github.com/NVIDIA/gpu-operator (Go) Jul 17, 2025

A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function... High Unreviewed

CVE-2025-12247 was published Oct 27, 2025

Apache Tomcat installer for Windows has an untrusted search path vulnerability Moderate

CVE-2025-49124 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed... High Unreviewed

CVE-2024-14012 was published Oct 29, 2025

Perl threads have a working directory race condition where file operations may target unintended... Moderate Unreviewed

CVE-2025-40909 was published May 30, 2025

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to... Critical Unreviewed

CVE-2025-4802 was published May 16, 2025

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a... High Unreviewed

CVE-2021-36770 was published May 24, 2022

sinatra does not validate expanded path matches High

CVE-2022-29970 was published for sinatra (RubyGems) May 3, 2022

Untrusted search path in Windows Administrator Protection allows an authorized attacker to... High Unreviewed

CVE-2025-60718 was published Nov 11, 2025

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to... Moderate Unreviewed

CVE-2025-43079 was published Nov 10, 2025

Previous 1…22…24 Next

Previous 1 2 … 20 21 22 23 24 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

585 advisories