Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

816 advisories

Loading
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE)... High Unreviewed
CVE-2025-0712 was published Jul 30, 2025
An uncontrolled search path element vulnerability can lead to local privilege Escalation (LPE)... High Unreviewed
CVE-2025-25011 was published Jul 30, 2025
DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows... Moderate Unreviewed
CVE-2025-7676 was published Jul 28, 2025
A DLL injection vulnerability exists in Commvault for Windows 11.20.0, 11.28.0, 11.32.0, 11.34.0,... High Unreviewed
CVE-2024-13976 was published Jul 25, 2025
Uncontrolled Search Path Element in Arm Development Studio before 2025 may allow an attacker to... Moderate Unreviewed
CVE-2025-7427 was published Jul 22, 2025
A DLL hijacking vulnerability was reported in the Motorola Software Fix (Rescue and Smart... High Unreviewed
CVE-2025-1700 was published Jul 17, 2025
A DLL hijacking vulnerability was reported in TrackPoint Quick Menu software that, under certain... Moderate Unreviewed
CVE-2025-1729 was published Jul 17, 2025
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version... High Unreviewed
CVE-2025-7472 was published Jul 17, 2025
PSEvents.exe in multiple Panda Security products runs hourly with SYSTEM privileges and loads DLL... High Unreviewed
CVE-2025-34109 was published Jul 15, 2025
Emerson ValveLink products use a fixed or controlled search path to find resources, but one or ... Moderate Unreviewed
CVE-2025-48496 was published Jul 11, 2025
IBM i 7.2, 7.3, 7.4, and 7.5 could allow a user to gain elevated privileges due to an unqualified... High Unreviewed
CVE-2025-36004 was published Jun 26, 2025
Mattermost allows authenticated users to write files to arbitrary locations Critical
CVE-2025-4981 was published for github.com/mattermost/mattermost-server (Go) Jun 20, 2025
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially... Moderate Unreviewed
CVE-2024-24916 was published Jun 19, 2025
OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal Moderate
CVE-2025-5981 was published for github.com/google/osv-scalibr (Go) Jun 18, 2025
Malayke
An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security... Moderate Unreviewed
CVE-2025-49487 was published Jun 17, 2025
An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module... High Unreviewed
CVE-2025-49155 was published Jun 17, 2025
An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow... Moderate Unreviewed
CVE-2025-49158 was published Jun 17, 2025
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an... High Unreviewed
CVE-2025-33122 was published Jun 17, 2025
Action1 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2025-5480 was published Jun 6, 2025
Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability High
CVE-2025-30167 was published for jupyter_core (pip) Jun 4, 2025
krassowski zdi-disclosures
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which... Moderate Unreviewed
CVE-2024-42190 was published May 30, 2025
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which... Moderate Unreviewed
CVE-2024-42191 was published May 30, 2025
A vulnerability, which was classified as critical, has been found in Wondershare Filmora 14.5.16.... High Unreviewed
CVE-2025-5180 was published May 26, 2025
DLL's are not digitally signed when loaded in ASPECT's configuration toolset exposing the... High Unreviewed
CVE-2024-13946 was published May 22, 2025
Uncontrolled Search Path Element vulnerability in Forcepoint FIE Endpoint allows Privilege... High Unreviewed
CVE-2025-2272 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database