Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,339
Erlang
31
GitHub Actions
22
Go
2,099
Maven
5,000+
npm
3,763
NuGet
678
pip
3,448
Pub
12
RubyGems
892
Rust
883
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

372 advisories

Loading
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of... High Unreviewed
CVE-2021-32000 was published May 24, 2022
NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can... High Unreviewed
CVE-2021-1091 was published May 24, 2022
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged... High Unreviewed
CVE-2021-26089 was published May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a... High Unreviewed
CVE-2021-32518 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise... High Unreviewed
CVE-2021-25321 was published May 24, 2022
It was discovered that the process_report() function in data/whoopsie-upload-all allowed... High Unreviewed
CVE-2021-32557 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2... High Unreviewed
CVE-2021-25322 was published May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,... High Unreviewed
CVE-2021-31997 was published May 24, 2022
Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow... High Unreviewed
CVE-2021-0094 was published May 24, 2022
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical... High Unreviewed
CVE-2020-15076 was published May 24, 2022
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file... High Unreviewed
CVE-2020-27833 was published May 24, 2022
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security... High Unreviewed
CVE-2021-23892 was published May 24, 2022
Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP)... High Unreviewed
CVE-2021-23872 was published May 24, 2022
Windows WalletService Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-31187 was published May 24, 2022
Exim 4 before 4.94.2 allows Execution with Unnecessary Privileges. Because Exim operates as root... High Unreviewed
CVE-2020-28007 was published May 24, 2022
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability This CVE ID is... High Unreviewed
CVE-2021-28321 was published May 24, 2022
VestaCP through 0.9.8-24 allows attackers to gain privileges by creating symlinks to files for... High Unreviewed
CVE-2021-30463 was published May 24, 2022
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it... High Unreviewed
CVE-2020-15075 was published May 24, 2022
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6... High Unreviewed
CVE-2020-7346 was published May 24, 2022
Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26887 was published May 24, 2022
Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26889 was published May 24, 2022
Windows User Profile Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26873 was published May 24, 2022
Windows Installer Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26862 was published May 24, 2022
Windows Update Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-26866 was published May 24, 2022
Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB... High Unreviewed
CVE-2021-3310 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database