Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,163 advisories

Loading
A vulnerability in the Cisco Application Framework component of the Cisco IOx application... Moderate Unreviewed
CVE-2020-3237 was published May 24, 2022
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of... Moderate Unreviewed
CVE-2020-14004 was published May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local... Low Unreviewed
CVE-2020-7282 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2020-3437 was published May 24, 2022
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability... High Unreviewed
CVE-2020-9682 was published May 24, 2022
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory... Low Unreviewed
CVE-2020-6012 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... Moderate Unreviewed
CVE-2020-24332 was published May 24, 2022
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink)... High Unreviewed
CVE-2020-15861 was published May 24, 2022
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run... Low Unreviewed
CVE-2020-14367 was published May 24, 2022
A vulnerability in Trend Micro Apex One on macOS may allow an attacker to manipulate a certain... High Unreviewed
CVE-2020-24559 was published May 24, 2022
A vulnerability in Trend Micro Apex One and OfficeScan XG SP1 on Microsoft Windows may allow an... High Unreviewed
CVE-2020-24556 was published May 24, 2022
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the... Moderate Unreviewed
CVE-2020-24654 was published May 24, 2022
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7... Moderate Unreviewed
CVE-2020-7319 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16851 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16853 was published May 24, 2022
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka ... High Unreviewed
CVE-2020-16939 was published May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2020-9901 was published May 24, 2022
An issue existed within the path validation logic for symlinks. This issue was addressed with... High Unreviewed
CVE-2020-9900 was published May 24, 2022
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d... Moderate Unreviewed
CVE-2017-18925 was published May 24, 2022
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files... Moderate Unreviewed
CVE-2018-21269 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated... High Unreviewed
CVE-2020-5795 was published May 24, 2022
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a... High Unreviewed
CVE-2020-23968 was published May 24, 2022
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could... High Unreviewed
CVE-2020-27697 was published May 24, 2022
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2... Critical Unreviewed
CVE-2020-25989 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an... Moderate Unreviewed
CVE-2020-5797 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database