GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
987 advisories
Filter by severity
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink...
Moderate
Unreviewed
CVE-2012-1093
was published
Apr 23, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with...
High
Unreviewed
CVE-2017-2916
was published
May 13, 2022
Improper Link Resolution Before File Access in Apache Hadoop
Moderate
CVE-2014-3627
was published
for
org.apache.hadoop:hadoop-client
(Maven)
May 17, 2022
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can...
High
Unreviewed
CVE-2022-31258
was published
May 21, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)...
High
Unreviewed
CVE-2020-3950
was published
May 24, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate
Unreviewed
CVE-2005-0004
was published
May 1, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc...
High
Unreviewed
CVE-2021-26720
was published
May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2010-2053
was published
May 17, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2021-1278
was published
May 24, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2008-6397
was published
May 17, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate
Unreviewed
CVE-2008-6398
was published
May 17, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687
was published
May 28, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851
was published
May 24, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite...
Moderate
Unreviewed
CVE-2010-1693
was published
May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate
Unreviewed
CVE-2008-6762
was published
May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12...
Low
Unreviewed
CVE-2008-5825
was published
May 17, 2022
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows...
Moderate
Unreviewed
CVE-2008-5256
was published
May 17, 2022
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2008-5138
was published
May 17, 2022
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack...
Moderate
Unreviewed
CVE-2008-5154
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API