Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

839 advisories

Loading
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path... High Unreviewed
CVE-2020-10610 was published May 24, 2022
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one... Moderate Unreviewed
CVE-2020-12423 was published May 24, 2022
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on... Moderate Unreviewed
CVE-2020-15523 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute... Moderate Unreviewed
CVE-2019-20419 was published May 24, 2022
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection. High Unreviewed
CVE-2019-20856 was published May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and... Moderate Unreviewed
CVE-2020-11613 was published May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),... Moderate Unreviewed
CVE-2020-7585 was published May 24, 2022
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers... Moderate Unreviewed
CVE-2019-3613 was published May 24, 2022
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16.... Moderate Unreviewed
CVE-2020-12431 was published May 24, 2022
Duplicate Advisory: Kerberos for NodeJS allows DLL Injection High
GHSA-f478-xwv9-p93q was published for kerberos (npm) May 24, 2022 withdrawn
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element... Moderate Unreviewed
CVE-2020-10626 was published May 24, 2022
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack... Moderate Unreviewed
CVE-2020-6244 was published May 24, 2022
Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated... High Unreviewed
CVE-2020-5740 was published May 24, 2022
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017... Moderate Unreviewed
CVE-2020-3803 was published May 24, 2022
Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions... Moderate Unreviewed
CVE-2020-0515 was published May 24, 2022
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows... Moderate Unreviewed
CVE-2020-3153 was published May 24, 2022
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5,... Moderate Unreviewed
CVE-2019-20406 was published May 24, 2022
The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write... Moderate Unreviewed
CVE-2019-20400 was published May 24, 2022
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL... Moderate Unreviewed
CVE-2019-19689 was published May 24, 2022
Dell Command Configure versions prior to 4.2.1 contain an uncontrolled search path vulnerability.... High Unreviewed
CVE-2019-18575 was published May 24, 2022
In Sony Catalyst Production Suite through 2019.1 (1.1.0.21) and Catalyst Browse through 2019.1 (1... Moderate Unreviewed
CVE-2019-19364 was published May 24, 2022
COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Search Path Element. High Unreviewed
CVE-2019-15638 was published May 24, 2022
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A... Moderate Unreviewed
CVE-2019-3750 was published May 24, 2022
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Webex Teams... Moderate Unreviewed
CVE-2019-16001 was published May 24, 2022
Adobe Illustrator CC versions 23.1 and earlier have an insecure library loading (dll hijacking)... High Unreviewed
CVE-2019-7962 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database