GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,163 advisories
Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain...
High · Unreviewed · CVE-2021-36286 was published May 24, 2022
An Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called...
High · Unreviewed · CVE-2022-31256 was published Oct 26, 2022
A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro...
High · Unreviewed · CVE-2022-40143 was published Sep 20, 2022
Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG...
Moderate · Unreviewed · CVE-2021-3641 was published May 24, 2022
In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite...
High · Unreviewed · CVE-2021-41057 was published May 24, 2022
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite...
Low · Unreviewed · CVE-2004-2473 was published Apr 29, 2022
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service ...
High · Unreviewed · CVE-1999-1593 was published Apr 30, 2022
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite...
Low · Unreviewed · CVE-2001-0131 was published Apr 30, 2022
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite...
Low · Unreviewed · CVE-2000-0715 was published Apr 30, 2022
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via...
Low · Unreviewed · CVE-2001-1378 was published Apr 30, 2022
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user...
Low · Unreviewed · CVE-2001-1593 was published Apr 30, 2022
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11,...
High · Unreviewed · CVE-2019-3693 was published May 24, 2022
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a...
High · Unreviewed · CVE-2002-2382 was published Apr 30, 2022
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory,...
High · Unreviewed · CVE-2019-3694 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux...
High · Unreviewed · CVE-2019-18898 was published May 24, 2022
Local privilege escalation due to improper soft link handling. The following products are...
High · Unreviewed · CVE-2022-44747 was published Nov 8, 2022
In vow, there is a possible information disclosure due to a symbolic link following. This could...
Moderate · Unreviewed · CVE-2022-26456 was published Sep 7, 2022
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and...
Low · Unreviewed · CVE-2005-3126 was published May 1, 2022
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to...
Low · Unreviewed · CVE-2005-2527 was published May 1, 2022
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows...
Moderate · Unreviewed · CVE-2005-2714 was published May 1, 2022
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink...
Low · Unreviewed · CVE-2005-3349 was published May 1, 2022
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite...
Low · Unreviewed · CVE-2006-1247 was published May 1, 2022
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file...
High · Unreviewed · CVE-2022-2897 was published Sep 1, 2022
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink...
Low · Unreviewed · CVE-2006-5851 was published May 1, 2022
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file...
Moderate · Unreviewed · CVE-2022-2898 was published Sep 1, 2022