GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
981 advisories
A validation issue existed in the handling of symlinks and was addressed with improved validation...
High | Unreviewed | CVE-2022-26704 was published May 27, 2022
redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4995 was published May 17, 2022
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite...
Moderate | Unreviewed | CVE-2008-4985 was published May 17, 2022
The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2008-4994 was published May 17, 2022
ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4976 was published May 17, 2022
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local...
Moderate | Unreviewed | CVE-2008-5140 was published May 17, 2022
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-5138 was published May 17, 2022
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-5154 was published May 17, 2022
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows...
Moderate | Unreviewed | CVE-2008-5256 was published May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12...
Low | Unreviewed | CVE-2008-5825 was published May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate | Unreviewed | CVE-2008-6762 was published May 17, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite...
Moderate | Unreviewed | CVE-2010-1693 was published May 17, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate | Unreviewed | CVE-2021-27851 was published May 24, 2022
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could...
High | Unreviewed | CVE-2022-30687 was published May 28, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-6398 was published May 17, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-6397 was published May 17, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High | Unreviewed | CVE-2021-1278 was published May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High | Unreviewed | CVE-2021-32518 was published May 24, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2010-2053 was published May 17, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate | Unreviewed | CVE-2022-26688 was published May 27, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High | Unreviewed | CVE-2021-32000 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High | Unreviewed | CVE-2021-31997 was published May 24, 2022
avahi-daemon-check-dns.sh in the Debian avahi package through 0.8-4 is executed as root via /etc...
High | Unreviewed | CVE-2021-26720 was published May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low | Unreviewed | CVE-2020-7282 was published May 24, 2022