Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,248
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,513
Pub
12
RubyGems
997
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

254 advisories

Loading
SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the... Moderate Unreviewed
CVE-2026-24317 was published Mar 10, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28711 was published Mar 6, 2026
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2026-28712 was published Mar 6, 2026
Dell PowerScale OneFS, versions prior to 9.10.1.6 and versions 9.11.0.0 through 9.12.0.1,... Moderate Unreviewed
CVE-2026-22270 was published Mar 4, 2026
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672... Moderate Unreviewed
CVE-2026-3091 was published Feb 24, 2026
Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User... Moderate Unreviewed
CVE-2025-32452 was published Feb 10, 2026
Uncontrolled search path in some software installer for some VTune(TM) Profiler software and... Moderate Unreviewed
CVE-2025-20106 was published Feb 10, 2026
PsySH has Local Privilege Escalation via CWD .psysh.php auto-load Moderate
CVE-2026-25129 was published for psy/psysh (Composer) Jan 30, 2026
aqhmal Credited to aqhmal
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios... Moderate Unreviewed
CVE-2025-14625 was published Jan 7, 2026
Symantec Endpoint Protection, prior to 14.3 RU10 Patch 1, RU9 Patch 2, and RU8 Patch 3, may be... Moderate Unreviewed
CVE-2025-13919 was published Jan 28, 2026
beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which... Moderate Unreviewed
CVE-2026-21408 was published Jan 27, 2026
NVIDIA Nsight Systems for Windows contains a vulnerability in the application’s DLL loading... Moderate Unreviewed
CVE-2025-33231 was published Jan 20, 2026
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX)... Moderate Unreviewed
CVE-2025-14599 was published Jan 7, 2026
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on... Moderate Unreviewed
CVE-2025-14596 was published Jan 7, 2026
Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System... Moderate Unreviewed
CVE-2025-14605 was published Jan 7, 2026
PDFsam Enhanced Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This... Moderate Unreviewed
CVE-2025-14405 was published Dec 24, 2025
The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting... Moderate Unreviewed
CVE-2025-13670 was published Dec 12, 2025
Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows... Moderate Unreviewed
CVE-2025-13669 was published Dec 12, 2025
The System Console Utility for Windows is vulnerable to a DLL planting vulnerability Moderate Unreviewed
CVE-2025-13665 was published Dec 12, 2025
A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow... Moderate Unreviewed
CVE-2025-13668 was published Dec 12, 2025
A potential security vulnerability in Quartus® Prime Standard Edition Design Software may allow... Moderate Unreviewed
CVE-2025-13664 was published Dec 11, 2025
A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX),... Moderate Unreviewed
CVE-2025-64994 was published Dec 11, 2025
A privilege escalation vulnerability was discovered in TeamViewer DEX (former 1E DEX),... Moderate Unreviewed
CVE-2025-64995 was published Dec 11, 2025
A carefully crafted DLL, copied to C:\ProgramData\Synaptics folder, allows a local user to... Moderate Unreviewed
CVE-2025-11772 was published Dec 1, 2025
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to... Moderate Unreviewed
CVE-2025-56383 was published Sep 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database