Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to... Moderate Unreviewed
CVE-2025-49642 was published Dec 1, 2025
The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to... Moderate Unreviewed
CVE-2025-43079 was published Nov 10, 2025
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated... Moderate Unreviewed
CVE-2025-49456 was published Aug 13, 2025
Apache Tomcat installer for Windows has an untrusted search path vulnerability Moderate
CVE-2025-49124 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025
Perl threads have a working directory race condition where file operations may target unintended... Moderate Unreviewed
CVE-2025-40909 was published May 30, 2025
Local privilege escalation due to a binary hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-30407 was published Mar 27, 2025
In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due to insecure... Moderate Unreviewed
CVE-2025-29903 was published Mar 12, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-24827 was published Jan 31, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-24828 was published Jan 31, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-24830 was published Jan 31, 2025
Local privilege escalation due to DLL hijacking vulnerability. The following products are... Moderate Unreviewed
CVE-2025-24829 was published Jan 31, 2025
Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an... Moderate Unreviewed
CVE-2025-0145 was published Jan 30, 2025
A vulnerability, which was classified as problematic, has been found in libretro RetroArch up to... Moderate Unreviewed
CVE-2025-0459 was published Jan 14, 2025
pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion Moderate
CVE-2024-53866 was published for pnpm (npm) Dec 10, 2024
ChALkeR
Credited to ChALkeR
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality... Moderate Unreviewed
CVE-2023-32266 was published Oct 16, 2024
SAP BusinessObjects Business Intelligence Platform allows a high privilege user to run client... Moderate Unreviewed
CVE-2024-45281 was published Sep 10, 2024
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated... Moderate Unreviewed
CVE-2024-5623 was published Aug 29, 2024
Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting... Moderate Unreviewed
CVE-2024-42439 was published Aug 14, 2024
Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the... Moderate Unreviewed
CVE-2024-36071 was published Jun 20, 2024
This vulnerability exists in AppSamvid software due to the usage of vulnerable and outdated... Moderate Unreviewed
CVE-2024-25103 was published Mar 6, 2024
Multiple components of Iconics SCADA Suite are prone to a Phantom DLL loading vulnerability. This... Moderate Unreviewed
CVE-2023-6061 was published Dec 8, 2023
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to... Moderate Unreviewed
CVE-2023-39201 was published Sep 12, 2023
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are... Moderate Unreviewed
CVE-2023-29299 was published Aug 10, 2023
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated... Moderate Unreviewed
CVE-2023-39212 was published Aug 9, 2023
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21... Moderate Unreviewed
CVE-2023-23920 was published Feb 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database