GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
417 advisories
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is...
High | Unreviewed | CVE-2021-28321 was published May 24, 2022

VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for...
High | Unreviewed | CVE-2021-30463 was published May 24, 2022

In Malwarebytes Free 4.1.0.56, a symbolic link may be used to delete an arbitrary file on the system...
High | Unreviewed | CVE-2020-28641 was published May 24, 2022

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python...
High | Unreviewed | CVE-2020-12878 was published May 24, 2022

Windows Installer Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2021-26862 was published May 24, 2022

Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could...
High | Unreviewed | CVE-2020-27697 was published May 24, 2022

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to...
High | Unreviewed | CVE-2021-23240 was published May 24, 2022

The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges...
High | Unreviewed | CVE-2020-35766 was published May 24, 2022

Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a...
High | Unreviewed | CVE-2020-23968 was published May 24, 2022

UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated...
High | Unreviewed | CVE-2020-5795 was published May 24, 2022

A vulnerability in Trend Micro Apex One and OfficeScan XG SP1 on Microsoft Windows may allow an...
High | Unreviewed | CVE-2020-24556 was published May 24, 2022

A vulnerability in Trend Micro Apex One on macOS may allow an attacker to manipulate a certain...
High | Unreviewed | CVE-2020-24559 was published May 24, 2022

A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and...
High | Unreviewed | CVE-2022-45798 was published Dec 24, 2022

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability...
High | Unreviewed | CVE-2020-9682 was published May 24, 2022

Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6...
High | Unreviewed | CVE-2020-7346 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE...
High | Unreviewed | CVE-2020-8015 was published May 24, 2022

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink)...
High | Unreviewed | CVE-2020-15861 was published May 24, 2022

Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the...
High | Unreviewed | CVE-2020-10665 was published May 24, 2022

When resolving a symlink such as file:///proc/self/fd/1, an error message may be...
High | Unreviewed | CVE-2022-45412 was published Dec 22, 2022

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap...
High | Unreviewed | CVE-2019-3697 was published May 24, 2022

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap...
High | Unreviewed | CVE-2019-3699 was published May 24, 2022

By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security...
High | Unreviewed | CVE-2021-23892 was published May 24, 2022

A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free...
High | Unreviewed | CVE-2022-36336 was published Jul 31, 2022

The chkstat tool in the permissions package followed symlinks before commit...
High | Unreviewed | CVE-2019-3690 was published May 24, 2022

A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux...
High | Unreviewed | CVE-2019-12573 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.