Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21695 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain... High Unreviewed
CVE-2021-36286 was published May 24, 2022
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local... High Unreviewed
CVE-2021-1612 was published May 24, 2022
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to... High Unreviewed
CVE-2021-31843 was published May 24, 2022
squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different... High Unreviewed
CVE-2021-41072 was published May 24, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from... High Unreviewed
CVE-2021-36928 was published May 24, 2022
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to... Critical Unreviewed
CVE-2021-38570 was published May 24, 2022
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021... High Unreviewed
CVE-2021-26425 was published May 24, 2022
Windows User Account Profile Picture Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26426 was published May 24, 2022
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential... Low Unreviewed
CVE-2021-21740 was published May 24, 2022
replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a... High Unreviewed
CVE-2021-36983 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed
CVE-2021-32000 was published May 24, 2022
NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can... High Unreviewed
CVE-2021-1091 was published May 24, 2022
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged... High Unreviewed
CVE-2021-26089 was published May 24, 2022
Absolute Path Traversal vulnerability in FileStreaming in QSAN Storage Manager allows remote... Moderate Unreviewed
CVE-2021-32508 was published May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a... High Unreviewed
CVE-2021-32518 was published May 24, 2022
Absolute Path Traversal vulnerability in FileviewDoc in QSAN Storage Manager allows remote... Moderate Unreviewed
CVE-2021-32509 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise... High Unreviewed
CVE-2021-25321 was published May 24, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user... Moderate Unreviewed
CVE-2020-4885 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32549 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32551 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32548 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32550 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32547 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32553 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database