GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
997 advisories
Filter by severity
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential...
Low
Unreviewed
CVE-2021-21740
was published
May 24, 2022
replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a...
High
Unreviewed
CVE-2021-36983
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of...
High
Unreviewed
CVE-2021-32000
was published
May 24, 2022
NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can...
High
Unreviewed
CVE-2021-1091
was published
May 24, 2022
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged...
High
Unreviewed
CVE-2021-26089
was published
May 24, 2022
Absolute Path Traversal vulnerability in FileStreaming in QSAN Storage Manager allows remote...
Moderate
Unreviewed
CVE-2021-32508
was published
May 24, 2022
Absolute Path Traversal vulnerability in FileviewDoc in QSAN Storage Manager allows remote...
Moderate
Unreviewed
CVE-2021-32509
was published
May 24, 2022
A vulnerability in share_link in QSAN Storage Manager allows remote attackers to create a...
High
Unreviewed
CVE-2021-32518
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise...
High
Unreviewed
CVE-2021-25321
was published
May 24, 2022
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 could allow a local user...
Moderate
Unreviewed
CVE-2020-4885
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32550
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32551
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32549
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32548
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32547
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32554
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32555
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32553
was published
May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open...
Moderate
Unreviewed
CVE-2021-32552
was published
May 24, 2022
It was discovered that the process_report() function in data/whoopsie-upload-all allowed...
High
Unreviewed
CVE-2021-32557
was published
May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,...
High
Unreviewed
CVE-2021-31997
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2...
High
Unreviewed
CVE-2021-25322
was published
May 24, 2022
Improper link resolution before file access in Intel(R) DSA before version 20.11.50.9 may allow...
High
Unreviewed
CVE-2021-0094
was published
May 24, 2022
Private Tunnel installer for macOS version 3.0.1 and older versions may corrupt system critical...
High
Unreviewed
CVE-2020-15076
was published
May 24, 2022
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file...
High
Unreviewed
CVE-2020-27833
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API