Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

981 advisories

Loading
The Firefox updater created a directory writable by non-privileged users. When uninstalling... Moderate Unreviewed
CVE-2023-4052 was published Aug 1, 2023
A website could have obscured the full screen notification by using a URL with a scheme handled... Moderate Unreviewed
CVE-2023-4053 was published Aug 1, 2023
Uploading files which contain symlinks may have allowed an attacker to trick a user into... Moderate Unreviewed
CVE-2023-37206 was published Jul 5, 2023
A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could... Moderate Unreviewed
CVE-2023-32556 was published Jun 27, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.9.0, A01 and prior contain... High Unreviewed
CVE-2023-28071 was published Jun 23, 2023
Dell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an... High Unreviewed
CVE-2023-28065 was published Jun 23, 2023
RenderDoc through 1.26 allows local privilege escalation via a symlink attack. High Unreviewed
CVE-2023-33865 was published Jun 7, 2023
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90... High Unreviewed
CVE-2023-2939 was published May 31, 2023
Minecraft through 1.19 and 1.20 pre-releases before 7 (Java) allow arbitrary file overwrite, and... High Unreviewed
CVE-2023-33245 was published May 30, 2023
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of... Moderate Unreviewed
CVE-2023-34204 was published May 30, 2023
Wacom Tablet Driver installer prior to 6.4.2-1 (for macOS) contains an improper link resolution... High Unreviewed
CVE-2023-27529 was published May 25, 2023
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink... High Unreviewed
CVE-2022-34292 was published Apr 27, 2023
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv... High Unreviewed
CVE-2022-31647 was published Apr 27, 2023
The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. This... High Unreviewed
CVE-2022-47505 was published Apr 21, 2023
An NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions... Moderate Unreviewed
CVE-2023-28141 was published Apr 18, 2023
An Improper Link Resolution Before File Access vulnerability in console port access of Juniper... Moderate Unreviewed
CVE-2023-28972 was published Apr 18, 2023
Wacom Driver 6.3.46-1 for Windows was discovered to contain an arbitrary file write vulnerability... Moderate Unreviewed
CVE-2022-43293 was published Apr 11, 2023
Wacom Driver 6.3.46-1 for Windows and lower was discovered to contain an arbitrary file deletion... High Unreviewed
CVE-2022-38604 was published Apr 11, 2023
Dell PowerScale OneFS version 9.5.0.0 contains improper link resolution before file access... High Unreviewed
CVE-2023-25940 was published Apr 4, 2023
There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An... High Unreviewed
CVE-2022-47188 was published Apr 1, 2023
runc AppArmor bypass with symlinked /proc Moderate
CVE-2023-28642 was published for github.com/opencontainers/runc (Go) Mar 30, 2023
ssst0n3
Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete... High Unreviewed
CVE-2023-28892 was published Mar 29, 2023
In Malwarebytes before 4.5.23, a symbolic link may be used delete any arbitrary file on the... High Unreviewed
CVE-2023-26088 was published Mar 23, 2023
cloudflared's Installer has Local Privilege Escalation Vulnerability High
CVE-2023-1314 was published for github.com/cloudflare/cloudflared (Go) Mar 21, 2023
McAfee Total Protection prior to 16.0.50 allows attackers to elevate user privileges due to... Moderate Unreviewed
CVE-2023-24577 was published Mar 13, 2023
ProTip! Advisories are also available from the GraphQL API