GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,307
Composer 5,343
Erlang 44
GitHub Actions 45
Go 3,196
Maven 6,305
npm 5,177
NuGet 864
pip 4,483
Pub 12
RubyGems 992
Rust 1,186
Swift 51

Unreviewed advisories

All unreviewed 293,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

50 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper quotation in search paths in the Eaton UPS Companion software installer could lead to... Moderate Unreviewed

CVE-2025-59888 was published Dec 26, 2025

AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non... Moderate Unreviewed

CVE-2025-34499 was published Dec 12, 2025

Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User... Moderate Unreviewed

CVE-2025-32449 was published Nov 11, 2025

A vulnerability has been found in the CPython `venv` module and CLI where path names provided... Moderate Unreviewed

CVE-2024-9287 was published Oct 22, 2024

memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the... Moderate Unreviewed

CVE-2025-60320 was published Oct 29, 2025

Unquoted Windows search path vulnerability in Schneider Electric Floating License Manager 1.0.0... Moderate Unreviewed

CVE-2014-0759 was published May 17, 2022

A vulnerability (CWE-428) has been identified in the Uninterruptible Power Supply (UPS)... Moderate Unreviewed

CVE-2025-9818 was published Sep 17, 2025

There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could... Moderate Unreviewed

CVE-2025-39246 was published Aug 29, 2025

The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows... Moderate Unreviewed

CVE-2025-9043 was published Aug 14, 2025

Unquoted search path or element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before... Moderate Unreviewed

CVE-2023-24542 was published Oct 10, 2024

Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker... Moderate Unreviewed

CVE-2021-36631 was published Dec 22, 2022

Xerox Desktop Print Experience application contains a Local Privilege Escalation (LPE)... Moderate Unreviewed

CVE-2025-1984 was published Mar 12, 2025

Local privilege escalation due to unquoted search path vulnerability. The following products are... Moderate Unreviewed

CVE-2025-24831 was published Jan 31, 2025

Grafana Agent (Flow mode) on Windows has Unquoted Search Path or Element vulnerability Moderate

CVE-2024-8996 was published for github.com/grafana/agent (Go) Sep 25, 2024

Grafana Alloy on Windows has Unquoted Search Path or Element vulnerability Moderate

CVE-2024-8975 was published for github.com/grafana/alloy (Go) Sep 25, 2024

An unquoted search path or element vulnerability has been reported to affect QVR Smart Client. If... Moderate Unreviewed

CVE-2022-27592 was published Sep 6, 2024

Unquoted Executable Path vulnerability in Hitachi Device Manager on Windows (Device Manager... Moderate Unreviewed

CVE-2024-5963 was published Aug 6, 2024

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who... Moderate Unreviewed

CVE-2024-5402 was published Jul 15, 2024

A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such... Moderate Unreviewed

CVE-2024-31201 was published Jul 31, 2024

Unquoted search path or element in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows... Moderate Unreviewed

CVE-2023-29165 was published Nov 14, 2023

Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local... Moderate Unreviewed

CVE-2024-4031 was published Apr 23, 2024

A vulnerability was found in AO-OPC server versions mentioned above. As the directory information... Moderate Unreviewed

CVE-2023-2685 was published Jul 28, 2023

Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129... Moderate Unreviewed

CVE-2019-11093 was published May 24, 2022

The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could... Moderate Unreviewed

CVE-2023-0392 was published Nov 8, 2023

Unquoted search path in the installer for some Intel Server Configuration Utility software before... Moderate Unreviewed

CVE-2023-25075 was published Nov 14, 2023

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

50 advisories