GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
162 advisories
Filter by severity
snapd failed to properly check the destination of symbolic links when extracting a snap
Low
CVE-2024-29069
was published
for
github.com/snapcore/snapd
(Go)
Jul 25, 2024
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability
Low
CVE-2023-5834
was published
for
github.com/hashicorp/vagrant
(Go)
Oct 28, 2023
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary...
Low
Unreviewed
CVE-2023-24572
was published
Feb 13, 2023
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete...
Low
Unreviewed
CVE-2023-23697
was published
Feb 13, 2023
Cargo extracting malicious crates can corrupt arbitrary files
Low
CVE-2022-36113
was published
for
cargo
(Rust)
Sep 16, 2022
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential...
Low
Unreviewed
CVE-2021-21740
was published
May 24, 2022
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform...
Low
Unreviewed
CVE-2021-23239
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16853
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16851
was published
May 24, 2022
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run...
Low
Unreviewed
CVE-2020-14367
was published
May 24, 2022
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory...
Low
Unreviewed
CVE-2020-6012
was published
May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
Apport creates a world writable lock file with root ownership in the world writable /var/lock...
Low
Unreviewed
CVE-2020-8831
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server...
Low
Unreviewed
CVE-2020-8013
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb...
Low
Unreviewed
CVE-2019-18901
was published
May 24, 2022
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability....
Low
Unreviewed
CVE-2020-5324
was published
May 24, 2022
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2013-0200
was published
May 17, 2022
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite...
Low
Unreviewed
CVE-2010-2192
was published
May 17, 2022
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a...
Low
Unreviewed
CVE-2010-2056
was published
May 17, 2022
The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files...
Low
Unreviewed
CVE-2010-2794
was published
May 17, 2022
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp,...
Low
Unreviewed
CVE-2010-4173
was published
May 17, 2022
hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink...
Low
Unreviewed
CVE-2011-3204
was published
May 17, 2022
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink...
Low
Unreviewed
CVE-2010-4337
was published
May 17, 2022
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users...
Low
Unreviewed
CVE-2012-4676
was published
May 17, 2022
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file...
Low
Unreviewed
CVE-2012-0808
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API