GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,001 advisories
Filter by severity
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31218
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31219
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31217
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31216
was published
Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local,...
High
Unreviewed
CVE-2022-28225
was published
Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local,...
High
Unreviewed
CVE-2021-25261
was published
Jun 16, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687
was published
May 28, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
A validation issue existed in the handling of symlinks and was addressed with improved validation...
High
Unreviewed
CVE-2022-26704
was published
May 27, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851
was published
May 24, 2022
Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.
High
Unreviewed
CVE-2013-4655
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions...
High
Unreviewed
CVE-2019-1385
was published
May 24, 2022
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite...
High
Unreviewed
CVE-2021-41057
was published
May 24, 2022
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-41379
was published
May 24, 2022
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG...
Moderate
Unreviewed
CVE-2021-3641
was published
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21686
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21691
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21695
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain...
High
Unreviewed
CVE-2021-36286
was published
May 24, 2022
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local...
High
Unreviewed
CVE-2021-1612
was published
May 24, 2022
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to...
High
Unreviewed
CVE-2021-31843
was published
May 24, 2022
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different...
High
Unreviewed
CVE-2021-41072
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API