GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
997 advisories
Filter by severity
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows...
Moderate
Unreviewed
CVE-2008-5256
was published
May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate
Unreviewed
CVE-2008-6762
was published
May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12...
Low
Unreviewed
CVE-2008-5825
was published
May 17, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite...
Moderate
Unreviewed
CVE-2010-1693
was published
May 17, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851
was published
May 24, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687
was published
May 28, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate
Unreviewed
CVE-2008-6398
was published
May 17, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2008-6397
was published
May 17, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2021-1278
was published
May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2010-2053
was published
May 17, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc...
High
Unreviewed
CVE-2021-26720
was published
May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate
Unreviewed
CVE-2005-0004
was published
May 1, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)...
High
Unreviewed
CVE-2020-3950
was published
May 24, 2022
Improper Link Resolution Before File Access in Apache Hadoop
Moderate
CVE-2014-3627
was published
for
org.apache.hadoop:hadoop-client
(Maven)
May 17, 2022
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can...
High
Unreviewed
CVE-2022-31258
was published
May 21, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with...
High
Unreviewed
CVE-2017-2916
was published
May 13, 2022
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink...
Moderate
Unreviewed
CVE-2012-1093
was published
Apr 23, 2022
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem...
Moderate
Unreviewed
CVE-2015-5752
was published
May 17, 2022
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2009-0035
was published
Apr 21, 2022
ProTip!
Advisories are also available from the
GraphQL API