Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

614 advisories

Loading
Untrusted search path vulnerability in AttacheCase ver.3.6.1.0 and earlier allows an attacker to... High Unreviewed
CVE-2022-28128 was published Apr 1, 2022
Untrusted search path vulnerability in AttacheCase ver.4.0.2.7 and earlier allows an attacker to... High Unreviewed
CVE-2022-25348 was published Apr 1, 2022
Untrusted Search Path in PNPM High
CVE-2022-26183 was published for pnpm (npm) Mar 23, 2022
Poetry before v1.1.9 contains Untrusted Search Path Critical
CVE-2022-26184 was published for poetry (pip) Mar 23, 2022
Anaconda Anaconda3 through 2021.11.0.0 and Miniconda3 through 11.0.0.0 can create a world... High Unreviewed
CVE-2022-26526 was published Mar 18, 2022
In Python before 3.10.3 on Windows, local users can gain privileges because the search path is... High Unreviewed
CVE-2022-26488 was published Mar 11, 2022
Untrusted Search Path in PostgreSQL Moderate Unreviewed
CVE-2020-14350 was published Feb 15, 2022
Git LFS can execute a Git binary from the current directory on Windows High
CVE-2021-21237 was published for github.com/git-lfs/git-lfs (Go) Feb 15, 2022
Ry0taK Credited to Ry0taK
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can... Critical Unreviewed
CVE-2022-21817 was published Feb 8, 2022
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading... High Unreviewed
CVE-2021-45975 was published Jan 27, 2022
An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that... High Unreviewed
CVE-2022-0014 was published Jan 13, 2022
Apache Ranger policy engine incorrectly matches paths in certain conditions Moderate
CVE-2016-8746 was published for org.apache.ranger:ranger-plugins-common (Maven) Oct 17, 2018
Ruby-ffi has a DLL loading issue High
CVE-2018-1000201 was published for ffi (RubyGems) Aug 31, 2018
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database