GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
405 advisories
Filter by severity
Arbitrary Code Execution in Docker
High
CVE-2014-6407
was published
for
github.com/docker/docker
(Go)
Feb 15, 2022
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
High
CVE-2021-39135
was published
for
@npmcli/arborist
(npm)
Aug 31, 2021
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following
High
CVE-2021-39134
was published
for
@npmcli/arborist
(npm)
Aug 31, 2021
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2022-22585
was published
Mar 19, 2022
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any...
High
Unreviewed
CVE-2022-26659
was published
Mar 26, 2022
Data Loss/Denial of Service in SWHKD
High
CVE-2022-27816
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Mar 31, 2022
Privilege escalation in beego
High
CVE-2021-27116
was published
for
github.com/beego/beego
(Go)
Apr 6, 2022
Privilege escalation in beego
High
CVE-2021-27117
was published
for
github.com/beego/beego
(Go)
Apr 6, 2022
A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to...
High
Unreviewed
CVE-2022-27883
was published
Apr 10, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman...
High
Unreviewed
CVE-2022-21944
was published
Jan 27, 2022
VMware Horizon Client for Linux (prior to 22.x) contains a local privilege escalation as a user...
High
Unreviewed
CVE-2022-22962
was published
Apr 12, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with...
High
Unreviewed
CVE-2017-2916
was published
May 13, 2022
In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can...
High
Unreviewed
CVE-2022-31258
was published
May 21, 2022
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1)...
High
Unreviewed
CVE-2020-3950
was published
May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc...
High
Unreviewed
CVE-2021-26720
was published
May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2021-1278
was published
May 24, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High
Unreviewed
CVE-2022-30687
was published
May 28, 2022
A validation issue existed in the handling of symlinks and was addressed with improved validation...
High
Unreviewed
CVE-2022-26704
was published
May 27, 2022
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2008-4694
was published
May 17, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.684 allows a local,...
High
Unreviewed
CVE-2022-28225
was published
Jun 16, 2022
ProTip!
Advisories are also available from the
GraphQL API