GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,973

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

560 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Untrusted search path in auth_query connection handler in PgBouncer before 1.25.0 allows an... High Unreviewed

CVE-2025-12819 was published Dec 3, 2025

Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted... High Unreviewed

CVE-2024-12168 was published Jun 2, 2025

Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to... Moderate Unreviewed

CVE-2025-49642 was published Dec 1, 2025

The Firefox installer on Windows can be made to load malicious DLL files stored in the same... High Unreviewed

CVE-2017-7755 was published May 14, 2022

A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed

CVE-2024-21922 was published Nov 23, 2025

Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed

CVE-2024-21923 was published Nov 23, 2025

A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an... High Unreviewed

CVE-2025-13433 was published Nov 20, 2025

The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to... Moderate Unreviewed

CVE-2025-43079 was published Nov 10, 2025

Untrusted search path in Windows Administrator Protection allows an authorized attacker to... High Unreviewed

CVE-2025-60718 was published Nov 11, 2025

sinatra does not validate expanded path matches High

CVE-2022-29970 was published for sinatra (RubyGems) May 3, 2022

Encode.pm, as distributed in Perl through 5.34.0, allows local users to gain privileges via a... High Unreviewed

CVE-2021-36770 was published May 24, 2022

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to... Critical Unreviewed

CVE-2025-4802 was published May 16, 2025

Perl threads have a working directory race condition where file operations may target unintended... Moderate Unreviewed

CVE-2025-40909 was published May 30, 2025

Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed... High Unreviewed

CVE-2024-14012 was published Oct 29, 2025

Apache Tomcat installer for Windows has an untrusted search path vulnerability Moderate

CVE-2025-49124 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 16, 2025

A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file... High Unreviewed

CVE-2025-12286 was published Oct 27, 2025

A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function... High Unreviewed

CVE-2025-12247 was published Oct 27, 2025

NVIDIA Container Toolkit for all platforms contains an Untrusted Search Path Critical

CVE-2025-23266 was published for github.com/NVIDIA/gpu-operator (Go) Jul 17, 2025

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to... High Unreviewed

CVE-2022-23748 was published Nov 18, 2022

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026,... High Unreviewed

CVE-2022-22047 was published Jul 13, 2022

A security vulnerability has been detected in LibreWolf up to 143.0.4-1 on Windows. This affects... High Unreviewed

CVE-2025-11940 was published Oct 19, 2025

Unity Editor 2019.1 through 6000.3 could allow remote attackers to exploit file loading and Local... High Unreviewed

CVE-2025-59489 was published Oct 3, 2025

In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2... High Unreviewed

CVE-2025-9267 was published Sep 26, 2025

Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated... Moderate Unreviewed

CVE-2025-49456 was published Aug 13, 2025

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in... High Unreviewed

CVE-2024-6769 was published Sep 26, 2024

Previous1…23 Next

Previous 1 2 3 4 5 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

560 advisories