GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,201 advisories
A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called...
High | Unreviewed | CVE-2022-31256 was published Oct 26, 2022

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain...
High | Unreviewed | CVE-2021-36286 was published May 24, 2022

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local...
High | Unreviewed | CVE-2021-1612 was published May 24, 2022

Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a...
Moderate | Unreviewed | CVE-2003-1492 was published Apr 29, 2022

nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via...
High | Unreviewed | CVE-2003-1528 was published Apr 29, 2022

Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to...
High | Unreviewed | CVE-2021-31843 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2...
High | Unreviewed | CVE-2021-25322 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise...
High | Unreviewed | CVE-2021-25321 was published May 24, 2022

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows attackers to...
Critical | Unreviewed | CVE-2021-38570 was published May 24, 2022

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021...
High | Unreviewed | CVE-2021-26425 was published May 24, 2022

Windows User Account Profile Picture Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2021-26426 was published May 24, 2022

There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential...
Low | Unreviewed | CVE-2021-21740 was published May 24, 2022

replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a...
High | Unreviewed | CVE-2021-36983 was published May 24, 2022

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can...
High | Unreviewed | CVE-2021-1091 was published May 24, 2022

An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged...
High | Unreviewed | CVE-2021-26089 was published May 24, 2022

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user...
Moderate | Unreviewed | CVE-2020-4885 was published May 24, 2022

Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link...
Moderate | Unreviewed | CVE-2022-24372 was published Apr 28, 2022

It was discovered that the process_report() function in data/whoopsie-upload-all allowed...
High | Unreviewed | CVE-2021-32557 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32547 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32555 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32552 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32549 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32550 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32548 was published May 24, 2022

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate | Unreviewed | CVE-2021-32554 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.