GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,496
Composer 4,170
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,155
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 834
Swift 35

Unreviewed advisories

All unreviewed 232,923

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

335 advisories

Filter by severity

Sort by

Least recently updated

A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote... High Unreviewed

CVE-2023-7216 was published Feb 5, 2024

A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One -... High Unreviewed

CVE-2023-52338 was published Jan 23, 2024

A security agent link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed

CVE-2023-52090 was published Jan 23, 2024

A security agent link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed

CVE-2023-52092 was published Jan 23, 2024

An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed

CVE-2023-52091 was published Jan 23, 2024

An updater link following vulnerability in the Trend Micro Apex One agent could allow a local... High Unreviewed

CVE-2023-52094 was published Jan 23, 2024

An agent link vulnerability in the Trend Micro Apex One security agent could allow a local... High Unreviewed

CVE-2023-47192 was published Jan 23, 2024

Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce... High Unreviewed

CVE-2023-6336 was published Jan 16, 2024

PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can... High Unreviewed

CVE-2023-42137 was published Jan 15, 2024

IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed

CVE-2023-31003 was published Jan 11, 2024

Visual Studio Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-20656 was published Jan 9, 2024

A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January... High Unreviewed

CVE-2024-0206 was published Jan 9, 2024

Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL... High Unreviewed

CVE-2023-28872 was published Dec 25, 2023

Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete... High Unreviewed

CVE-2023-28868 was published Dec 9, 2023

Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to... High Unreviewed

CVE-2023-43590 was published Nov 15, 2023

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary... High Unreviewed

CVE-2020-28407 was published Nov 3, 2023

Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video... High Unreviewed

CVE-2018-17559 was published Oct 27, 2023

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed

CVE-2023-42844 was published Oct 25, 2023

Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside... High Unreviewed

CVE-2023-28797 was published Oct 23, 2023

1E Client installer can perform arbitrary file deletion on protected files. A non-privileged... High Unreviewed

CVE-2023-45159 was published Oct 5, 2023

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux... High Unreviewed

CVE-2023-32182 was published Sep 19, 2023

Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2023-32163 was published Sep 6, 2023

Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed

CVE-2022-46869 was published Aug 31, 2023

An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain... High Unreviewed

CVE-2023-34723 was published Aug 26, 2023

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a... High Unreviewed

CVE-2019-13689 was published Aug 25, 2023

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

335 advisories