Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,082 advisories

Loading
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can... High Unreviewed
CVE-2023-42137 was published Jan 15, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0... High Unreviewed
CVE-2023-31003 was published Jan 11, 2024
Visual Studio Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-20656 was published Jan 9, 2024
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January... High Unreviewed
CVE-2024-0206 was published Jan 9, 2024
Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan... Moderate Unreviewed
CVE-2023-51654 was published Dec 26, 2023
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL... High Unreviewed
CVE-2023-28872 was published Dec 25, 2023
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents... Moderate Unreviewed
CVE-2023-28869 was published Dec 9, 2023
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry... Moderate Unreviewed
CVE-2023-28871 was published Dec 9, 2023
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete... High Unreviewed
CVE-2023-28868 was published Dec 9, 2023
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server... Moderate Unreviewed
CVE-2023-39246 was published Nov 16, 2023
Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to... High Unreviewed
CVE-2023-43590 was published Nov 15, 2023
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary... High Unreviewed
CVE-2020-28407 was published Nov 3, 2023
Due to incorrect access control, unauthenticated remote attackers can view the /video.mjpg video... High Unreviewed
CVE-2018-17559 was published Oct 27, 2023
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2023-42844 was published Oct 25, 2023
Zscaler Client Connector for Windows before 4.1 writes/deletes a configuration file inside... High Unreviewed
CVE-2023-28797 was published Oct 23, 2023
1E Client installer can perform arbitrary file deletion on protected files.   A non-privileged... High Unreviewed
CVE-2023-45159 was published Oct 5, 2023
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Moderate Unreviewed
CVE-2023-41968 was published Sep 27, 2023
A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux... High Unreviewed
CVE-2023-32182 was published Sep 19, 2023
Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32163 was published Sep 6, 2023
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain... High Unreviewed
CVE-2023-34723 was published Aug 26, 2023
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a... High Unreviewed
CVE-2019-13689 was published Aug 25, 2023
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. High Unreviewed
CVE-2022-48579 was published Aug 7, 2023
An arbitrary file overwrite vulnerability in NoMachine Free Edition and Enterprise Client for... Critical Unreviewed
CVE-2023-39107 was published Aug 4, 2023
The Firefox updater created a directory writable by non-privileged users. When uninstalling... Moderate Unreviewed
CVE-2023-4052 was published Aug 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database