Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,201 advisories

Loading
Link Following Local Privilege Escalation Vulnerability in TuneUp Service in AVG TuneUp Version... High Unreviewed
CVE-2024-13960 was published May 9, 2025
Local Privilege Escalation in Avira.Spotlight.Service.exe in Avira Prime 1.1.96.2 on Windows 10... High Unreviewed
CVE-2024-13759 was published May 9, 2025
Link Following Local Privilege Escalation Vulnerability in TuneupSvc.exe in AVG TuneUp 24.2.16593... High Unreviewed
CVE-2024-13959 was published May 9, 2025
Certain HP Print products and Digital Sending products may be vulnerable to potential remote code... Critical Unreviewed
CVE-2021-3942 was published Dec 12, 2022
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to... High Unreviewed
CVE-2017-15357 was published May 13, 2022
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when... High Unreviewed
CVE-2017-7501 was published May 13, 2022
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x... High Unreviewed
CVE-2017-12172 was published May 13, 2022
foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian... Moderate Unreviewed
CVE-2011-2684 was published May 17, 2022
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2017-12258 was published May 13, 2022
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write... Moderate Unreviewed
CVE-2015-5700 was published May 14, 2022
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly... High Unreviewed
CVE-2017-8108 was published May 13, 2022
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE:... High Unreviewed
CVE-2015-7724 was published May 14, 2022
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have... High Unreviewed
CVE-2015-3315 was published May 14, 2022
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. High Unreviewed
CVE-2015-7723 was published May 14, 2022
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6... High Unreviewed
CVE-2016-9774 was published May 14, 2022
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to... High Unreviewed
CVE-2016-6253 was published May 17, 2022
A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for... Moderate Unreviewed
CVE-2025-1697 was published Apr 18, 2025
A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and... High Unreviewed
CVE-2025-32817 was published Apr 16, 2025
A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and... High Unreviewed
CVE-2022-45798 was published Dec 24, 2022
When resolving a symlink such as <code>file:///proc/self/fd/1</code>, an error message may be... High Unreviewed
CVE-2022-45412 was published Dec 22, 2022
Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File... Moderate Unreviewed
CVE-2025-29983 was published Apr 15, 2025
Script Injection in Show In Browser gem Moderate
CVE-2013-2105 was published for show_in_browser (RubyGems) Oct 24, 2017
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the... High Unreviewed
CVE-2016-9566 was published May 14, 2022
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14;... High Unreviewed
CVE-2016-6664 was published May 13, 2022
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6... High Unreviewed
CVE-2016-1247 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database