GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
421 advisories
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability
High, Unreviewed, CVE-2021-26887 was published May 24, 2022

Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow...
High, Unreviewed, CVE-2021-0094 was published May 24, 2022

It was discovered that the process_report() function in data/whoopsie-upload-all allowed...
High, Unreviewed, CVE-2021-32557 was published May 24, 2022

An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged...
High, Unreviewed, CVE-2021-26089 was published May 24, 2022

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can...
High, Unreviewed, CVE-2021-1091 was published May 24, 2022

replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a...
High, Unreviewed, CVE-2021-36983 was published May 24, 2022

Windows User Account Profile Picture Elevation of Privilege Vulnerability
High, Unreviewed, CVE-2021-26426 was published May 24, 2022

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021...
High, Unreviewed, CVE-2021-26425 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise...
High, Unreviewed, CVE-2021-25321 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2...
High, Unreviewed, CVE-2021-25322 was published May 24, 2022

Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to...
High, Unreviewed, CVE-2021-31843 was published May 24, 2022

nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via...
High, Unreviewed, CVE-2003-1528 was published Apr 29, 2022

A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local...
High, Unreviewed, CVE-2021-1612 was published May 24, 2022

Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain...
High, Unreviewed, CVE-2021-36286 was published May 24, 2022

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called...
High, Unreviewed, CVE-2022-31256 was published Oct 26, 2022

A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro...
High, Unreviewed, CVE-2022-40143 was published Sep 20, 2022

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite...
High, Unreviewed, CVE-2021-41057 was published May 24, 2022

Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service ...
High, Unreviewed, CVE-1999-1593 was published Apr 30, 2022

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11,...
High, Unreviewed, CVE-2019-3693 was published May 24, 2022

cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a...
High, Unreviewed, CVE-2002-2382 was published Apr 30, 2022

UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux...
High, Unreviewed, CVE-2019-18898 was published May 24, 2022

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory,...
High, Unreviewed, CVE-2019-3694 was published May 24, 2022

Local privilege escalation due to improper soft link handling. The following products are...
High, Unreviewed, CVE-2022-44747 was published Nov 8, 2022

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file...
High, Unreviewed, CVE-2022-2897 was published Sep 1, 2022

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS...
High, Unreviewed, CVE-2022-32905 was published Nov 2, 2022