Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

507 advisories

Loading
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2020-9900 was published May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2020-9901 was published May 24, 2022
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka ... High Unreviewed
CVE-2020-16939 was published May 24, 2022
A vulnerability in Trend Micro Apex One and OfficeScan XG SP1 on Microsoft Windows may allow an... High Unreviewed
CVE-2020-24556 was published May 24, 2022
A vulnerability in Trend Micro Apex One on macOS may allow an attacker to manipulate a certain... High Unreviewed
CVE-2020-24559 was published May 24, 2022
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink)... High Unreviewed
CVE-2020-15861 was published May 24, 2022
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability... High Unreviewed
CVE-2020-9682 was published May 24, 2022
Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of... High Unreviewed
CVE-2020-12254 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE... High Unreviewed
CVE-2020-8015 was published May 24, 2022
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the... High Unreviewed
CVE-2020-10665 was published May 24, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)... High Unreviewed
CVE-2020-3950 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer... High Unreviewed
CVE-2020-0787 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux... High Unreviewed
CVE-2019-18897 was published May 24, 2022
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process... High Unreviewed
CVE-2020-0683 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap... High Unreviewed
CVE-2019-3699 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap... High Unreviewed
CVE-2019-3697 was published May 24, 2022
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local... High Unreviewed
CVE-2019-3692 was published May 24, 2022
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory,... High Unreviewed
CVE-2019-3694 was published May 24, 2022
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11,... High Unreviewed
CVE-2019-3693 was published May 24, 2022
A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE SUSE Linux... High Unreviewed
CVE-2019-3691 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux... High Unreviewed
CVE-2019-18898 was published May 24, 2022
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which... High Unreviewed
CVE-2020-7040 was published May 24, 2022
The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to... High Unreviewed
CVE-2015-1869 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly... High Unreviewed
CVE-2019-1483 was published May 24, 2022
The chkstat tool in the permissions package followed symlinks before commit... High Unreviewed
CVE-2019-3690 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database