GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
420 advisories
In sound driver, there is a possible information disclosure due to symlink following. This could...
Moderate
Unreviewed
CVE-2022-21770
was published
Jul 7, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate
Unreviewed
CVE-2022-26688
was published
May 27, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate
Unreviewed
CVE-2021-27851
was published
May 24, 2022
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG...
Moderate
Unreviewed
CVE-2021-3641
was published
May 24, 2022
Absolute Path Traversal vulnerability in FileStreaming in QSAN Storage Manager allows remote...
Moderate
Unreviewed
CVE-2021-32508
was published
May 24, 2022
Absolute Path Traversal vulnerability in FileviewDoc in QSAN Storage Manager allows remote...
Moderate
Unreviewed
CVE-2021-32509
was published
May 24, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user...
Moderate
Unreviewed
CVE-2020-4885
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32549
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32547
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32548
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32551
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32550
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32553
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32555
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32552
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32554
was published
May 24, 2022
This vulnerability allows local attackers to delete arbitrary directories on affected...
Moderate
Unreviewed
CVE-2021-27241
was published
May 24, 2022
There is an open race window when writing output in the following utilities in GNU binutils...
Moderate
Unreviewed
CVE-2021-20197
was published
May 24, 2022
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and...
Moderate
Unreviewed
CVE-2021-28650
was published
May 24, 2022
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with...
Moderate
Unreviewed
CVE-2021-28153
was published
May 24, 2022
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create...
Moderate
Unreviewed
CVE-2020-4717
was published
May 24, 2022
Windows Mobile Device Management Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2021-24084
was published
May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a...
Moderate
Unreviewed
CVE-2021-23873
was published
May 24, 2022
autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and...
Moderate
Unreviewed
CVE-2020-36241
was published
May 24, 2022
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account...
Moderate
Unreviewed
CVE-2020-8585
was published
May 24, 2022