GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
997 advisories
Filter by severity
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account...
Moderate
Unreviewed
CVE-2020-8585
was published
May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on...
Moderate
Unreviewed
CVE-2020-4966
was published
May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker...
High
Unreviewed
CVE-2021-1278
was published
May 24, 2022
Arbitrary file read vulnerability in workspace browsers in Jenkins
Moderate
CVE-2021-21602
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could...
Moderate
Unreviewed
CVE-2021-1145
was published
May 24, 2022
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to...
High
Unreviewed
CVE-2021-23240
was published
May 24, 2022
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform...
Low
Unreviewed
CVE-2021-23239
was published
May 24, 2022
The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges...
High
Unreviewed
CVE-2020-35766
was published
May 24, 2022
In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system...
High
Unreviewed
CVE-2020-28641
was published
May 24, 2022
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including...
Moderate
Unreviewed
CVE-2020-28935
was published
May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2020-10003
was published
May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an...
Moderate
Unreviewed
CVE-2020-5797
was published
May 24, 2022
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2...
Critical
Unreviewed
CVE-2020-25989
was published
May 24, 2022
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could...
High
Unreviewed
CVE-2020-27697
was published
May 24, 2022
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a...
High
Unreviewed
CVE-2020-23968
was published
May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated...
High
Unreviewed
CVE-2020-5795
was published
May 24, 2022
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files...
Moderate
Unreviewed
CVE-2018-21269
was published
May 24, 2022
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d...
Moderate
Unreviewed
CVE-2017-18925
was published
May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2020-9900
was published
May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with...
High
Unreviewed
CVE-2020-9901
was published
May 24, 2022
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka ...
High
Unreviewed
CVE-2020-16939
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16851
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16853
was published
May 24, 2022
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7...
Moderate
Unreviewed
CVE-2020-7319
was published
May 24, 2022
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the...
Moderate
Unreviewed
CVE-2020-24654
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API