GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
981 advisories
Filter by severity
The Firefox updater created a directory writable by non-privileged users. When uninstalling...
Moderate
Unreviewed
CVE-2023-4052
was published
Aug 1, 2023
A website could have obscured the full screen notification by using a URL with a scheme handled...
Moderate
Unreviewed
CVE-2023-4053
was published
Aug 1, 2023
Uploading files which contain symlinks may have allowed an attacker to trick a user into...
Moderate
Unreviewed
CVE-2023-37206
was published
Jul 5, 2023
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could...
Moderate
Unreviewed
CVE-2023-32556
was published
Jun 27, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain...
High
Unreviewed
CVE-2023-28071
was published
Jun 23, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an...
High
Unreviewed
CVE-2023-28065
was published
Jun 23, 2023
RenderDoc through 1.26 allows local privilege escalation via a symlink attack.
High
Unreviewed
CVE-2023-33865
was published
Jun 7, 2023
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90...
High
Unreviewed
CVE-2023-2939
was published
May 31, 2023
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and...
High
Unreviewed
CVE-2023-33245
was published
May 30, 2023
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of...
Moderate
Unreviewed
CVE-2023-34204
was published
May 30, 2023
Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution...
High
Unreviewed
CVE-2023-27529
was published
May 25, 2023
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink...
High
Unreviewed
CVE-2022-34292
was published
Apr 27, 2023
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv...
High
Unreviewed
CVE-2022-31647
was published
Apr 27, 2023
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This...
High
Unreviewed
CVE-2022-47505
was published
Apr 21, 2023
An NTFS Junction condition exists in the Qualys Cloud Agent
for Windows platform in versions...
Moderate
Unreviewed
CVE-2023-28141
was published
Apr 18, 2023
An Improper Link Resolution Before File Access vulnerability in console port access of Juniper...
Moderate
Unreviewed
CVE-2023-28972
was published
Apr 18, 2023
Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability...
Moderate
Unreviewed
CVE-2022-43293
was published
Apr 11, 2023
Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion...
High
Unreviewed
CVE-2022-38604
was published
Apr 11, 2023
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access...
High
Unreviewed
CVE-2023-25940
was published
Apr 4, 2023
There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An...
High
Unreviewed
CVE-2022-47188
was published
Apr 1, 2023
runc AppArmor bypass with symlinked /proc
Moderate
CVE-2023-28642
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete...
High
Unreviewed
CVE-2023-28892
was published
Mar 29, 2023
In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the...
High
Unreviewed
CVE-2023-26088
was published
Mar 23, 2023
cloudflared's Installer has Local Privilege Escalation Vulnerability
High
CVE-2023-1314
was published
for
github.com/cloudflare/cloudflared
(Go)
Mar 21, 2023
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to...
Moderate
Unreviewed
CVE-2023-24577
was published
Mar 13, 2023
ProTip!
Advisories are also available from the
GraphQL API