Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

885 advisories

Loading
Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE... High Unreviewed
CVE-2021-42297 was published Nov 25, 2021
Windows Setup Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-43237 was published Dec 16, 2021
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer)... High Unreviewed
CVE-2021-44023 was published Dec 17, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent... Moderate Unreviewed
CVE-2021-20153 was published Dec 31, 2021
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on... High Unreviewed
CVE-2021-45442 was published Jan 11, 2022
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and... High Unreviewed
CVE-2021-44024 was published Jan 11, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21919 was published Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21895 was published Jan 12, 2022
Windows Cleanup Manager Elevation of Privilege Vulnerability. Moderate Unreviewed
CVE-2022-21838 was published Jan 12, 2022
An improper link resolution before file access vulnerability exists in the Palo Alto Networks... High Unreviewed
CVE-2022-0012 was published Jan 13, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman... High Unreviewed
CVE-2022-21944 was published Jan 27, 2022
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a... High Unreviewed
CVE-2021-23521 was published Feb 8, 2022
An improper link resolution before file access ('link following') vulnerability exists in the... High Unreviewed
CVE-2022-0017 was published Feb 11, 2022
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker... High Unreviewed
CVE-2021-44730 was published Feb 19, 2022
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink... Moderate Unreviewed
CVE-2021-44141 was published Feb 22, 2022
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend... High Unreviewed
CVE-2022-24679 was published Feb 25, 2022
A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150... High Unreviewed
CVE-2022-24671 was published Feb 25, 2022
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend... High Unreviewed
CVE-2022-24680 was published Feb 25, 2022
ROG Live Service’s function for deleting temp files created by installation has an improper link... High Unreviewed
CVE-2022-22262 was published Mar 2, 2022
In connsyslogger, there is a possible symbolic link following due to improper link resolution.... Moderate Unreviewed
CVE-2022-20050 was published Mar 11, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2022-22585 was published Mar 19, 2022
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any... High Unreviewed
CVE-2022-26659 was published Mar 26, 2022
The combination of primitives offered by SMB and AFP in their default configuration allows the... Critical Unreviewed
CVE-2022-22995 was published Mar 27, 2022
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to... High Unreviewed
CVE-2022-27883 was published Apr 10, 2022
VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user... High Unreviewed
CVE-2022-22962 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database