Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

205 advisories

Loading
Uncontrolled search path element in Power Automate allows an authorized attacker to disclose... Moderate Unreviewed
CVE-2025-29817 was published Apr 15, 2025
Untrusted search path vulnerability in Baidunetdisk Version 7.4.3 and earlier allows an attacker... Moderate Unreviewed
CVE-2021-36631 was published Dec 22, 2022
A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or... Moderate Unreviewed
CVE-2023-49114 was published Feb 26, 2024
Uncontrolled Search Path Element in software for Intel(R) PROSet/Wireless Wi-Fi in Windows 10 and... Moderate Unreviewed
CVE-2021-0169 was published Feb 11, 2022
Privilege escalation in jar_signature agent plugin in Checkmk versions <2.4.0b7 (beta), <2.3.0p32... Moderate Unreviewed
CVE-2025-32917 was published May 13, 2025
Uncontrolled search path for some Intel(R) oneAPI DPC++/C++ Compiler software before version 2025... Moderate Unreviewed
CVE-2024-47795 was published May 13, 2025
Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated... Moderate Unreviewed
CVE-2024-47800 was published May 13, 2025
Uncontrolled search path for some Intel(R) oneAPI Level Zero software may allow an authenticated... Moderate Unreviewed
CVE-2024-31073 was published May 13, 2025
Uncontrolled search path for some Intel(R) QAT software before version 2.3.0 may allow an... Moderate Unreviewed
CVE-2024-39833 was published May 13, 2025
Uncontrolled search path for some Intel(R) Arc™ &amp; Iris(R) Xe graphics software before version... Moderate Unreviewed
CVE-2024-46895 was published May 13, 2025
Uncontrolled search path for some Intel(R) RealSense™ SDK software before version 2.56.2 may... Moderate Unreviewed
CVE-2025-20043 was published May 13, 2025
Uncontrolled search path for some Intel(R) Graphics software for Intel(R) Arc™ graphics and Intel... Moderate Unreviewed
CVE-2025-20041 was published May 13, 2025
Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29... Moderate Unreviewed
CVE-2025-20015 was published May 13, 2025
Uncontrolled search path element for some Intel(R) Network Adapter Driver installers for Windows... Moderate Unreviewed
CVE-2025-20108 was published May 13, 2025
Uncontrolled search path for some Intel(R) Advisor software may allow an authenticated user to... Moderate Unreviewed
CVE-2025-20079 was published May 13, 2025
Uncontrolled search path for some Intel(R) Graphics software may allow an authenticated user to... Moderate Unreviewed
CVE-2025-21099 was published May 13, 2025
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack... Moderate Unreviewed
CVE-2020-6244 was published May 24, 2022
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hijacking vulnerability which... Moderate Unreviewed
CVE-2024-42191 was published May 30, 2025
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hijacking vulnerability which... Moderate Unreviewed
CVE-2024-42190 was published May 30, 2025
An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security... Moderate Unreviewed
CVE-2025-49487 was published Jun 17, 2025
An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow... Moderate Unreviewed
CVE-2025-49158 was published Jun 17, 2025
OSV-SCALIBR's Container Image Unpacking Vulnerable to Arbitrary File Write via Path Traversal Moderate
CVE-2025-5981 was published for github.com/google/osv-scalibr (Go) Jun 18, 2025
Malayke
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially... Moderate Unreviewed
CVE-2024-24916 was published Jun 19, 2025
IBM Db2 10.1, 10.5, and 11.1 could allow a remote user to execute arbitrary code caused by... Moderate Unreviewed
CVE-2023-27859 was published Jan 22, 2024
Emerson ValveLink products use a fixed or controlled search path to find resources, but one or ... Moderate Unreviewed
CVE-2025-48496 was published Jul 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database