Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,518
Maven
5,000+
npm
5,000+
NuGet
911
pip
4,758
Pub
13
RubyGems
1,036
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2016-20058 was published Apr 4, 2026
Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth... High Unreviewed
CVE-2016-20056 was published Apr 4, 2026
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2016-20057 was published Apr 4, 2026
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2016-20055 was published Apr 4, 2026
IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and... High Unreviewed
CVE-2016-20059 was published Apr 4, 2026
sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that... High Unreviewed
CVE-2016-20061 was published Apr 4, 2026
Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary... High Unreviewed
CVE-2016-20060 was published Apr 4, 2026
Electron: Unquoted executable path in app.setLoginItemSettings on Windows Low
CVE-2026-34768 was published for electron (npm) Apr 3, 2026
Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically... High Unreviewed
CVE-2025-41359 was published Mar 26, 2026
Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically... High Unreviewed
CVE-2025-41368 was published Mar 26, 2026
SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. registers Windows services with unquoted file... High Unreviewed
CVE-2026-33253 was published Mar 25, 2026
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows... High Unreviewed
CVE-2017-20218 was published Mar 16, 2026
MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The... High Unreviewed
CVE-2026-25866 was published Mar 9, 2026
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Incorrect Default... High Unreviewed
CVE-2026-26034 was published Mar 5, 2026
UPS Multi-UPS Management Console (MUMC) version 01.06.0001 (A03) contains an Unquoted Search Path... High Unreviewed
CVE-2026-26033 was published Mar 5, 2026
OpenClaw: safeBins static default trusted dirs allow writable-dir binary hijack (`jq`) High
CVE-2026-32009 was published for openclaw (npm) Mar 3, 2026
tdjackey Credited to tdjackey
An unquoted Windows service executable path vulnerability in IJ Scan Utility for Windows versions... High Unreviewed
CVE-2026-1585 was published Feb 27, 2026
Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that... High Unreviewed
CVE-2019-25345 was published Feb 12, 2026
ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the... High Unreviewed
CVE-2019-25310 was published Feb 11, 2026
Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows... High Unreviewed
CVE-2019-25308 was published Feb 11, 2026
BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local... High Unreviewed
CVE-2019-25306 was published Feb 11, 2026
Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows... High Unreviewed
CVE-2019-25309 was published Feb 11, 2026
WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service... High Unreviewed
CVE-2019-25307 was published Feb 11, 2026
Products provided by Oki Electric Industry Co., Ltd. and its OEM products (Ricoh Co., Ltd.,... High Unreviewed
CVE-2026-24466 was published Feb 9, 2026
JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running... High Unreviewed
CVE-2019-25305 was published Feb 6, 2026
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database