GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
367 advisories
Filter by severity
Windows 10 Update Assistant Elevation of Privilege Vulnerability This CVE ID is unique from CVE...
High
Unreviewed
CVE-2021-42297
was published
Nov 25, 2021
Windows Setup Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2021-43237
was published
Dec 16, 2021
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer)...
High
Unreviewed
CVE-2021-44023
was published
Dec 17, 2021
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on...
High
Unreviewed
CVE-2021-45442
was published
Jan 11, 2022
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and...
High
Unreviewed
CVE-2021-44024
was published
Jan 11, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE...
High
Unreviewed
CVE-2022-21919
was published
Jan 12, 2022
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE...
High
Unreviewed
CVE-2022-21895
was published
Jan 12, 2022
An improper link resolution before file access vulnerability exists in the Palo Alto Networks...
High
Unreviewed
CVE-2022-0012
was published
Jan 13, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman...
High
Unreviewed
CVE-2022-21944
was published
Jan 27, 2022
This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a...
High
Unreviewed
CVE-2021-23521
was published
Feb 8, 2022
An improper link resolution before file access ('link following') vulnerability exists in the...
High
Unreviewed
CVE-2022-0017
was published
Feb 11, 2022
snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker...
High
Unreviewed
CVE-2021-44730
was published
Feb 19, 2022
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend...
High
Unreviewed
CVE-2022-24679
was published
Feb 25, 2022
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend...
High
Unreviewed
CVE-2022-24680
was published
Feb 25, 2022
A link following privilege escalation vulnerability in Trend Micro Antivirus for Max 11.0.2150...
High
Unreviewed
CVE-2022-24671
was published
Feb 25, 2022
ROG Live Service’s function for deleting temp files created by installation has an improper link...
High
Unreviewed
CVE-2022-22262
was published
Mar 2, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2022-22585
was published
Mar 19, 2022
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any...
High
Unreviewed
CVE-2022-26659
was published
Mar 26, 2022
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to...
High
Unreviewed
CVE-2022-27883
was published
Apr 10, 2022
VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user...
High
Unreviewed
CVE-2022-22962
was published
Apr 12, 2022
A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low...
High
Unreviewed
CVE-2022-1256
was published
Apr 15, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
High
Unreviewed
CVE-2022-20720
was published
Apr 16, 2022
rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink...
High
Unreviewed
CVE-2010-2064
was published
Apr 21, 2022
openvas-scanner before 2011-09-11 creates a temporary file insecurely when generating OVAL system...
High
Unreviewed
CVE-2011-3351
was published
Apr 22, 2022
Hardlink before 0.1.2 operates on full file system objects path names which can allow a local...
High
Unreviewed
CVE-2011-3632
was published
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API