GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
380 advisories
Filter by severity
An arbitrary file deletion in ZSATrayManager where it protects the temporary encrypted ZApp...
High
Unreviewed
CVE-2023-41969
was published
Mar 26, 2024
Pyro mishandles pid files in temporary directory locations and opening the pid file as root
High
CVE-2011-2765
was published
for
pyro
(pip)
Aug 21, 2018
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall...
High
Unreviewed
CVE-2024-45316
was published
Oct 11, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High
Unreviewed
CVE-2023-42137
was published
Jan 15, 2024
PIL and Pillow Vulnerable to Symlink Attack on Tmpfiles
High
CVE-2014-1932
was published
for
pillow
(pip)
May 17, 2022
Windows Storage Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43551
was published
Oct 8, 2024
Azure Monitor Agent Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38097
was published
Oct 8, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43501
was published
Oct 8, 2024
A potential security vulnerability has been identified in the HP Hotkey Support software, which...
High
Unreviewed
CVE-2024-27458
was published
Oct 7, 2024
A security agent link following vulnerability in Trend Micro Apex One could allow a local...
High
Unreviewed
CVE-2024-36305
was published
Jun 11, 2024
Numpy arbitrary file write via symlink attack
High
CVE-2014-1859
was published
for
numpy
(pip)
May 14, 2022
Improper Link Resolution Before File Access in logilab-commons
High
CVE-2014-1838
was published
for
logilab-common
(pip)
May 14, 2022
In the Linux kernel, the following vulnerability has been resolved:
Squashfs: sanity check...
High
Unreviewed
CVE-2024-46744
was published
Sep 18, 2024
HashiCorp Nomad vulnerable to symlink attacks
High
CVE-2024-1329
was published
for
github.com/hashicorp/nomad
(Go)
Feb 8, 2024
An arbitrary file deletion vulnerability exists in PaperCut NG/MF, specifically affecting Windows...
High
Unreviewed
CVE-2024-8404
was published
Sep 26, 2024
Mercurial missing symlink check
High
CVE-2017-1000115
was published
for
mercurial
(pip)
May 14, 2022
Local privilege escalation during installation due to improper soft link handling. The following...
High
Unreviewed
CVE-2022-46869
was published
Aug 31, 2023
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video...
High
Unreviewed
CVE-2018-17559
was published
Oct 27, 2023
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38188
was published
Sep 10, 2024
Azure Network Watcher VM Agent Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43470
was published
Sep 10, 2024
Ansible Sandbox Escape via Symlink Attack
High
CVE-2015-6240
was published
for
ansible
(pip)
May 13, 2022
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2024-5928
was published
Aug 21, 2024
Microsoft OfficePlus Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38084
was published
Aug 13, 2024
Azure Connected Machine Agent Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38098
was published
Aug 13, 2024
ProTip!
Advisories are also available from the
GraphQL API