Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

987 advisories

Loading
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink... Moderate Unreviewed
CVE-2012-1093 was published Apr 23, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with... High Unreviewed
CVE-2017-2916 was published May 13, 2022
Improper Link Resolution Before File Access in Apache Hadoop Moderate
CVE-2014-3627 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can... High Unreviewed
CVE-2022-31258 was published May 21, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)... High Unreviewed
CVE-2020-3950 was published May 24, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and... Moderate Unreviewed
CVE-2005-0004 was published May 1, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local... Low Unreviewed
CVE-2020-7282 was published May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc... High Unreviewed
CVE-2021-26720 was published May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,... High Unreviewed
CVE-2021-31997 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed
CVE-2021-32000 was published May 24, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed... Moderate Unreviewed
CVE-2022-26688 was published May 27, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary... Low Unreviewed
CVE-2010-2053 was published May 17, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a... High Unreviewed
CVE-2021-32518 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... High Unreviewed
CVE-2021-1278 was published May 24, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-6397 was published May 17, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed
CVE-2008-6398 was published May 17, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could... High Unreviewed
CVE-2022-30687 was published May 28, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix... Moderate Unreviewed
CVE-2021-27851 was published May 24, 2022
Link Following in Deno High
CVE-2021-41641 was published for deno (Rust) Jun 13, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite... Moderate Unreviewed
CVE-2010-1693 was published May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote... Moderate Unreviewed
CVE-2008-6762 was published May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12... Low Unreviewed
CVE-2008-5825 was published May 17, 2022
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows... Moderate Unreviewed
CVE-2008-5256 was published May 17, 2022
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5138 was published May 17, 2022
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5154 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database