Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

406 advisories

Loading
Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2023-32163 was published Sep 6, 2023
Local privilege escalation during installation due to improper soft link handling. The following... High Unreviewed
CVE-2022-46869 was published Aug 31, 2023
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain... High Unreviewed
CVE-2023-34723 was published Aug 26, 2023
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a... High Unreviewed
CVE-2019-13689 was published Aug 25, 2023
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains. High Unreviewed
CVE-2022-48579 was published Aug 7, 2023
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of... High Unreviewed
CVE-2023-27469 was published Jun 30, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an... High Unreviewed
CVE-2023-28065 was published Jun 23, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain... High Unreviewed
CVE-2023-28071 was published Jun 23, 2023
RenderDoc through 1.26 allows local privilege escalation via a symlink attack. High Unreviewed
CVE-2023-33865 was published Jun 7, 2023
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90... High Unreviewed
CVE-2023-2939 was published May 31, 2023
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and... High Unreviewed
CVE-2023-33245 was published May 30, 2023
Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution... High Unreviewed
CVE-2023-27529 was published May 25, 2023
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink... High Unreviewed
CVE-2022-34292 was published Apr 27, 2023
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv... High Unreviewed
CVE-2022-31647 was published Apr 27, 2023
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2022-47505 was published Apr 21, 2023
Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion... High Unreviewed
CVE-2022-38604 was published Apr 11, 2023
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access... High Unreviewed
CVE-2023-25940 was published Apr 4, 2023
There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An... High Unreviewed
CVE-2022-47188 was published Apr 1, 2023
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete... High Unreviewed
CVE-2023-28892 was published Mar 29, 2023
In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the... High Unreviewed
CVE-2023-26088 was published Mar 23, 2023
cloudflared's Installer has Local Privilege Escalation Vulnerability High
CVE-2023-1314 was published for github.com/cloudflare/cloudflared (Go) Mar 21, 2023
A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow... High Unreviewed
CVE-2023-25145 was published Mar 10, 2023
A security agent link following vulnerability in the Trend Micro Apex One agent could allow a... High Unreviewed
CVE-2023-25146 was published Mar 10, 2023
A security agent link following vulnerability in Trend Micro Apex One could allow a local... High Unreviewed
CVE-2023-25148 was published Mar 10, 2023
Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the... High Unreviewed
CVE-2022-45697 was published Feb 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database