GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,167
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,099
Maven 5,272
npm 3,763
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,871

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

372 advisories

Filter by severity

Sort by

Least recently updated

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python... High Unreviewed

CVE-2020-12878 was published May 24, 2022

avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc... High Unreviewed

CVE-2021-26720 was published May 24, 2022

Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a... High Unreviewed

CVE-2021-27229 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker... High Unreviewed

CVE-2021-1278 was published May 24, 2022

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to... High Unreviewed

CVE-2021-23240 was published May 24, 2022

The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges... High Unreviewed

CVE-2020-35766 was published May 24, 2022

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system... High Unreviewed

CVE-2020-28641 was published May 24, 2022

An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed

CVE-2020-10003 was published May 24, 2022

Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could... High Unreviewed

CVE-2020-27697 was published May 24, 2022

Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a... High Unreviewed

CVE-2020-23968 was published May 24, 2022

UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated... High Unreviewed

CVE-2020-5795 was published May 24, 2022

An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed

CVE-2020-9900 was published May 24, 2022

An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed

CVE-2020-9901 was published May 24, 2022

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka ... High Unreviewed

CVE-2020-16939 was published May 24, 2022

A vulnerability in Trend Micro Apex One on macOS may allow an attacker to manipulate a certain... High Unreviewed

CVE-2020-24559 was published May 24, 2022

A vulnerability in Trend Micro Apex One and OfficeScan XG SP1 on Microsoft Windows may allow an... High Unreviewed

CVE-2020-24556 was published May 24, 2022

Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink)... High Unreviewed

CVE-2020-15861 was published May 24, 2022

Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability... High Unreviewed

CVE-2020-9682 was published May 24, 2022

Avira Antivirus before 5.0.2003.1821 on Windows allows privilege escalation or a denial of... High Unreviewed

CVE-2020-12254 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE... High Unreviewed

CVE-2020-8015 was published May 24, 2022

Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the... High Unreviewed

CVE-2020-10665 was published May 24, 2022

VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)... High Unreviewed

CVE-2020-3950 was published May 24, 2022

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer... High Unreviewed

CVE-2020-0787 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux... High Unreviewed

CVE-2019-18897 was published May 24, 2022

UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap... High Unreviewed

CVE-2019-3699 was published May 24, 2022

Previous 1 2 … 7 8 9 10 11 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

372 advisories