Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
46
GitHub Actions
48
Go
3,343
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,550
Pub
12
RubyGems
1,013
Rust
1,203
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

552 advisories

Loading
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some... High Unreviewed
CVE-2026-4962 was published Mar 27, 2026
A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function... High Unreviewed
CVE-2026-4546 was published Mar 22, 2026
A security flaw has been discovered in Flos Freeware Notepad2 4.2.25. This affects an unknown... High Unreviewed
CVE-2026-4545 was published Mar 22, 2026
Illustrator versions 29.8.4, 30.1 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21333 was published Mar 11, 2026
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-25190 was published Mar 10, 2026
A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function... High Unreviewed
CVE-2026-3787 was published Mar 9, 2026
ERP developed by eAI Technologies has a DLL Hijacking vulnerability, allowing authenticated local... High Unreviewed
CVE-2026-2998 was published Feb 23, 2026
A security flaw has been discovered in Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25.... High Unreviewed
CVE-2026-2538 was published Feb 16, 2026
A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability... High Unreviewed
CVE-2026-2542 was published Feb 16, 2026
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit... High Unreviewed
CVE-2026-2516 was published Feb 15, 2026
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the... High Unreviewed
CVE-2025-15569 was published Feb 10, 2026
Tanium addressed an improper input validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15321 was published Feb 5, 2026
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS ... Moderate Unreviewed
CVE-2025-13491 was published Feb 5, 2026
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead... High Unreviewed
CVE-2026-0662 was published Feb 4, 2026
An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in... Critical Unreviewed
CVE-2025-65078 was published Feb 3, 2026
During the installation of the Native Access application, a privileged helper `com.native... High Unreviewed
CVE-2026-24070 was published Feb 2, 2026
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21280 was published Jan 13, 2026
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-20943 was published Jan 13, 2026
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local... High Unreviewed
CVE-2025-12793 was published Jan 6, 2026
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities... High Unreviewed
CVE-2019-25257 was published Dec 24, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64785 was published Dec 9, 2025
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.0 allows an... High Unreviewed
CVE-2025-12819 was published Dec 3, 2025
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to... Moderate Unreviewed
CVE-2025-49642 was published Dec 1, 2025
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21922 was published Nov 23, 2025
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21923 was published Nov 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database