Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

617 advisories

Loading
electron-builder's NSIS installer - execute arbitrary code on the target machine (Windows only) High
CVE-2024-27303 was published for app-builder-lib (npm) Mar 4, 2024
bruno-1337
Dell Update Package (DUP), Versions prior to 4.9.10 contain an Uncontrolled Search Path... Moderate Unreviewed
CVE-2023-39254 was published Mar 1, 2024
Delta Electronics CNCSoft-B DOPSoft prior to v4.0.0.82 insecurely loads libraries, which may... High Unreviewed
CVE-2024-1595 was published Feb 29, 2024
The vulnerability, if exploited, could allow a malicious entity with access to the file system... High Unreviewed
CVE-2023-6132 was published Feb 29, 2024
A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or... Moderate Unreviewed
CVE-2023-49114 was published Feb 26, 2024
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for... Critical Unreviewed
CVE-2024-23054 was published Feb 5, 2024
Trend Micro uiAirSupport, included in the Trend Micro Security 2023 family of consumer products,... High Unreviewed
CVE-2024-23940 was published Jan 29, 2024
An issue was discovered in Regify Regipay Client for Windows version 4.5.1.0 allows DLL hijacking... High Unreviewed
CVE-2023-51711 was published Jan 24, 2024
Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software... High Unreviewed
CVE-2023-32272 was published Jan 19, 2024
Privilege escalation in jar_signature agent plugin in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0... High Unreviewed
CVE-2023-6740 was published Jan 12, 2024
An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could... High Unreviewed
CVE-2023-29445 was published Jan 10, 2024
An uncontrolled search path element vulnerability (DLL hijacking) has been discovered that could... Moderate Unreviewed
CVE-2023-29444 was published Jan 10, 2024
There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL... Low Unreviewed
CVE-2023-41782 was published Jan 5, 2024
Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC... High Unreviewed
CVE-2023-6338 was published Jan 3, 2024
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the  program  failed to... Moderate Unreviewed
CVE-2023-41780 was published Jan 3, 2024
Facsimile Support for IBM i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated... High Unreviewed
CVE-2023-43064 was published Dec 25, 2023
A vulnerability has been found in PeaZip 9.4.0 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2023-6891 was published Dec 17, 2023
Usage of user controlled LD_LIBRARY_PATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows... High Unreviewed
CVE-2023-31210 was published Dec 13, 2023
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation... High Unreviewed
CVE-2020-28369 was published Dec 12, 2023
Local privilege escalation due to DLL hijacking vulnerability. The following products are... High Unreviewed
CVE-2023-48677 was published Dec 12, 2023
An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x... High Unreviewed
CVE-2023-41117 was published Dec 12, 2023
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate... High Unreviewed
CVE-2023-48861 was published Dec 7, 2023
EzViz Studio v2.2.0 is vulnerable to DLL hijacking. High Unreviewed
CVE-2023-41613 was published Dec 4, 2023
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including... High Unreviewed
CVE-2023-45252 was published Dec 1, 2023
An Untrusted search path vulnerability in notepad++ 6.5 allows local users to gain escalated... High Unreviewed
CVE-2023-47452 was published Nov 30, 2023
ProTip! Advisories are also available from the GraphQL API