Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

495 advisories

Loading
A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This... High Unreviewed
CVE-2024-9325 was published Sep 29, 2024
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT... High Unreviewed
CVE-2024-7995 was published Nov 5, 2024
Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49043 was published Nov 12, 2024
A untrusted search path in Fortinet FortiClientWindows versions 7.4.0, versions 7.2.4 through 7.2... High Unreviewed
CVE-2024-36507 was published Nov 12, 2024
Substance3D - Painter versions 10.1.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2024-49515 was published Nov 12, 2024
sccache vulnerable to privilege escalation if server is run as root High
CVE-2023-1521 was published for sccache (Rust) May 30, 2023
kevinbackhouse
An issue in Clementine v.1.3.1 allows a local attacker to execute arbitrary code via a crafted... High Unreviewed
CVE-2024-50986 was published Nov 15, 2024
DLL injection in Veeam Agent for Windows can occur if the system's PATH variable includes... High Unreviewed
CVE-2024-45207 was published Dec 4, 2024
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded... High Unreviewed
CVE-2024-11454 was published Dec 9, 2024
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion Moderate
CVE-2024-53866 was published for pnpm (npm) Dec 10, 2024
ChALkeR
Apache Hadoop allows local user to gain root privileges High
CVE-2023-26031 was published for org.apache.hadoop:hadoop-yarn-project (Maven) Nov 16, 2023
vulnerability-analyst anonymous-nlp-student
** DISPUTED ** A vulnerability has been found in Scooter Software Beyond Compare up to 3.3.5... High Unreviewed
CVE-2024-7886 was published Aug 17, 2024
A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to... Moderate Unreviewed
CVE-2025-0459 was published Jan 14, 2025
Microsoft Office Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21365 was published Jan 14, 2025
An untrusted search path vulnerability in testinitsigs.exe as used in Bitdefender Antivirus Free... High Unreviewed
CVE-2020-8094 was published Jan 15, 2025
Excessive binary privileges in Ivanti Connect Secure which affects versions 22.4R2 through 22.7R2... High Unreviewed
CVE-2024-47906 was published Nov 12, 2024
In Phiewer 4.1.0, a dylib injection leads to Command Execution which allow attackers to inject... Low Unreviewed
CVE-2024-53407 was published Jan 16, 2025
An issue in termius before v.9.9.0 allows a local attacker to execute arbitrary code via a... Low Unreviewed
CVE-2024-55503 was published Jan 16, 2025
A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. This... Low Unreviewed
CVE-2025-0567 was published Jan 19, 2025
A vulnerability has been found in obsproject OBS Studio up to 30.0.2 on Windows and classified as... Low Unreviewed
CVE-2024-13524 was published Jan 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database