Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26862 was published May 24, 2022
Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB... High Unreviewed
CVE-2021-3310 was published May 24, 2022
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create... Moderate Unreviewed
CVE-2020-4717 was published May 24, 2022
Windows Mobile Device Management Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24084 was published May 24, 2022
Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python... High Unreviewed
CVE-2020-12878 was published May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc... High Unreviewed
CVE-2021-26720 was published May 24, 2022
Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a... High Unreviewed
CVE-2021-27229 was published May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a... Moderate Unreviewed
CVE-2021-23873 was published May 24, 2022
autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and... Moderate Unreviewed
CVE-2020-36241 was published May 24, 2022
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account... Moderate Unreviewed
CVE-2020-8585 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on... Moderate Unreviewed
CVE-2020-4966 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... High Unreviewed
CVE-2021-1278 was published May 24, 2022
Arbitrary file read vulnerability in workspace browsers in Jenkins Moderate
CVE-2021-21602 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could... Moderate Unreviewed
CVE-2021-1145 was published May 24, 2022
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to... High Unreviewed
CVE-2021-23240 was published May 24, 2022
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform... Low Unreviewed
CVE-2021-23239 was published May 24, 2022
The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges... High Unreviewed
CVE-2020-35766 was published May 24, 2022
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system... High Unreviewed
CVE-2020-28641 was published May 24, 2022
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including... Moderate Unreviewed
CVE-2020-28935 was published May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2020-10003 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an... Moderate Unreviewed
CVE-2020-5797 was published May 24, 2022
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2... Critical Unreviewed
CVE-2020-25989 was published May 24, 2022
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could... High Unreviewed
CVE-2020-27697 was published May 24, 2022
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a... High Unreviewed
CVE-2020-23968 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated... High Unreviewed
CVE-2020-5795 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database