GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,707
NuGet
661
pip
3,338
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,006 advisories
Filter by severity
AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user...
High
Unreviewed
CVE-2022-32450
was published
Jul 19, 2022
In sound driver, there is a possible information disclosure due to symlink following. This could...
Moderate
Unreviewed
CVE-2022-21770
was published
Jul 7, 2022
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from...
High
Unreviewed
CVE-2022-2145
was published
Jun 29, 2022
Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure...
High
Unreviewed
CVE-2021-42056
was published
Jun 25, 2022
Symlink following allows leaking out-of-bounds YAML files from Argo CD repo-server
Moderate
CVE-2022-31036
was published
for
github.com/argoproj/argo-cd
(Go)
Jun 21, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31216
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31217
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31218
was published
Jun 16, 2022
Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a...
High
Unreviewed
CVE-2022-31219
was published
Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local,...
High
Unreviewed
CVE-2022-28225
was published
Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.5.0.862 allows a local,...
High
Unreviewed
CVE-2021-25261
was published
Jun 16, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687
was published
May 28, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
A validation issue existed in the handling of symlinks and was addressed with improved validation...
High
Unreviewed
CVE-2022-26704
was published
May 27, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851
was published
May 24, 2022
Symlink Traversal vulnerability in Belkin N900 due to misconfiguration in the SMB service.
High
Unreviewed
CVE-2013-4655
was published
May 24, 2022
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions...
High
Unreviewed
CVE-2019-1385
was published
May 24, 2022
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite...
High
Unreviewed
CVE-2021-41057
was published
May 24, 2022
Windows Installer Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-41379
was published
May 24, 2022
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG...
Moderate
Unreviewed
CVE-2021-3641
was published
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21686
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
Critical
CVE-2021-21691
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API