GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
938 advisories
Filter by severity
In connsyslogger, there is a possible symbolic link following due to improper link resolution....
Moderate
Unreviewed
CVE-2022-20050
was published
Mar 11, 2022
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of...
Moderate
Unreviewed
CVE-2011-0727
was published
May 17, 2022
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete...
Moderate
Unreviewed
CVE-2011-0441
was published
May 17, 2022
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify...
Moderate
Unreviewed
CVE-2011-0402
was published
May 17, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2022-22585
was published
Mar 19, 2022
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any...
High
Unreviewed
CVE-2022-26659
was published
Mar 26, 2022
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to...
High
Unreviewed
CVE-2022-27883
was published
Apr 10, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman...
High
Unreviewed
CVE-2022-21944
was published
Jan 27, 2022
In mobile_log_d, there is a possible symbolic link following due to an improper link resolution....
Moderate
Unreviewed
CVE-2022-20068
was published
Apr 12, 2022
VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user...
High
Unreviewed
CVE-2022-22962
was published
Apr 12, 2022
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2009-0035
was published
Apr 21, 2022
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem...
Moderate
Unreviewed
CVE-2015-5752
was published
May 17, 2022
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink...
Moderate
Unreviewed
CVE-2012-1093
was published
Apr 23, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with...
High
Unreviewed
CVE-2017-2916
was published
May 13, 2022
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can...
High
Unreviewed
CVE-2022-31258
was published
May 21, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)...
High
Unreviewed
CVE-2020-3950
was published
May 24, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate
Unreviewed
CVE-2005-0004
was published
May 1, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc...
High
Unreviewed
CVE-2021-26720
was published
May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2010-2053
was published
May 17, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2021-1278
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API