Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
656
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

438 advisories

Loading
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32555 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32552 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32554 was published May 24, 2022
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open... Moderate Unreviewed
CVE-2021-32553 was published May 24, 2022
This vulnerability allows local attackers to delete arbitrary directories on affected... Moderate Unreviewed
CVE-2021-27241 was published May 24, 2022
There is an open race window when writing output in the following utilities in GNU binutils... Moderate Unreviewed
CVE-2021-20197 was published May 24, 2022
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and... Moderate Unreviewed
CVE-2021-28650 was published May 24, 2022
An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with... Moderate Unreviewed
CVE-2021-28153 was published May 24, 2022
A vulnerability exists in IBM SPSS Modeler Subscription Installer that allows a user with create... Moderate Unreviewed
CVE-2020-4717 was published May 24, 2022
Windows Mobile Device Management Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24084 was published May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a... Moderate Unreviewed
CVE-2021-23873 was published May 24, 2022
autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and... Moderate Unreviewed
CVE-2020-36241 was published May 24, 2022
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account... Moderate Unreviewed
CVE-2020-8585 was published May 24, 2022
IBM Security Identity Governance and Intelligence 5.2.6 does not set the secure attribute on... Moderate Unreviewed
CVE-2020-4966 was published May 24, 2022
Arbitrary file read vulnerability in workspace browsers in Jenkins Moderate
CVE-2021-21602 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
A vulnerability in the Secure FTP (SFTP) of Cisco StarOS for Cisco ASR 5000 Series Routers could... Moderate Unreviewed
CVE-2021-1145 was published May 24, 2022
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including... Moderate Unreviewed
CVE-2020-28935 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an... Moderate Unreviewed
CVE-2020-5797 was published May 24, 2022
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files... Moderate Unreviewed
CVE-2018-21269 was published May 24, 2022
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d... Moderate Unreviewed
CVE-2017-18925 was published May 24, 2022
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7... Moderate Unreviewed
CVE-2020-7319 was published May 24, 2022
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the... Moderate Unreviewed
CVE-2020-24654 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... Moderate Unreviewed
CVE-2020-24332 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2020-3437 was published May 24, 2022
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of... Moderate Unreviewed
CVE-2020-14004 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database