Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,538
Maven
5,000+
npm
5,000+
NuGet
914
pip
4,790
Pub
13
RubyGems
1,037
Rust
1,232
Swift
53
Unreviewed advisories
All unreviewed
5,000+

602 advisories

Loading
A weakness has been identified in Total VPN 0.5.29.0 on Windows. Affected by this vulnerability... High Unreviewed
CVE-2026-2542 was published Feb 16, 2026
A vulnerability was identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2.0/3.0.0.4 on 32-bit... High Unreviewed
CVE-2026-2516 was published Feb 15, 2026
A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The impacted element is the... High Unreviewed
CVE-2025-15569 was published Feb 10, 2026
Tanium addressed an improper input validation vulnerability in Tanium Appliance. Low Unreviewed
CVE-2025-15321 was published Feb 5, 2026
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS ... Moderate Unreviewed
CVE-2025-13491 was published Feb 5, 2026
A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead... High Unreviewed
CVE-2026-0662 was published Feb 4, 2026
An untrusted search path vulnerability has been identified in the Embedded Solutions Framework in... Critical Unreviewed
CVE-2025-65078 was published Feb 3, 2026
OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking High
CVE-2026-24051 was published for go.opentelemetry.io/otel/sdk (Go) Feb 2, 2026
MorielHarush Credited to MorielHarush, pellared, and arminru pellared pellared
arminru arminru
During the installation of the Native Access application, a privileged helper `com.native... High Unreviewed
CVE-2026-24070 was published Feb 2, 2026
SiYuan File Read API Case Sensitivity Bypass can Lead to Path Traversal High
CVE-2026-25992 was published for github.com/siyuan-note/siyuan/kernel (Go) Jan 28, 2026
EaEa0001 Credited to EaEa0001
pnpm: Binary ZIP extraction allows arbitrary file write via path traversal (Zip Slip) Moderate
CVE-2026-23888 was published for pnpm (npm) Jan 26, 2026
mldangelo Credited to mldangelo and mgol mgol mgol
Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path... High Unreviewed
CVE-2026-21280 was published Jan 13, 2026
Untrusted search path in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2026-20943 was published Jan 13, 2026
An uncontrolled DLL loading path vulnerability exists in AsusSoftwareManagerAgent. A local... High Unreviewed
CVE-2025-12793 was published Jan 6, 2026
LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities... High Unreviewed
CVE-2019-25257 was published Dec 24, 2025
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and... High Unreviewed
CVE-2025-64785 was published Dec 9, 2025
Untrusted search path in auth_query connection handler in PgBouncer before 1.25.0 allows an... High Unreviewed
CVE-2025-12819 was published Dec 3, 2025
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to... Moderate Unreviewed
CVE-2025-49642 was published Dec 1, 2025
A DLL hijacking vulnerability in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21922 was published Nov 23, 2025
Incorrect default permissions in AMD StoreMI™ could allow an attacker to achieve privilege... High Unreviewed
CVE-2024-21923 was published Nov 23, 2025
A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an... High Unreviewed
CVE-2025-13433 was published Nov 20, 2025
Untrusted search path in Windows Administrator Protection allows an authorized attacker to... High Unreviewed
CVE-2025-60718 was published Nov 11, 2025
The Qualys Cloud Agent included a bundled uninstall script (qagent_uninstall.sh), specific to... Moderate Unreviewed
CVE-2025-43079 was published Nov 10, 2025
Potential privilege escalation issue in Revenera InstallShield version 2023 R1 running a renamed... High Unreviewed
CVE-2024-14012 was published Oct 29, 2025
A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file... High Unreviewed
CVE-2025-12286 was published Oct 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database