GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,002 advisories
Filter by severity
Windows Update Stack Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-21432
was published
Mar 12, 2024
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce...
Moderate
Unreviewed
CVE-2024-0068
was published
Feb 29, 2024
Microsoft Azure File Sync Elevation of Privilege Vulnerability
Moderate
Unreviewed
CVE-2024-21397
was published
Feb 13, 2024
Azure Connected Machine Agent Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-21329
was published
Feb 13, 2024
HashiCorp Nomad vulnerable to symlink attacks
High
CVE-2024-1329
was published
for
github.com/hashicorp/nomad
(Go)
Feb 8, 2024
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on...
Moderate
Unreviewed
CVE-2023-32474
was published
Feb 6, 2024
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount...
Moderate
Unreviewed
CVE-2023-32454
was published
Feb 6, 2024
A path traversal vulnerability was found in the CPIO utility. This issue could allow a remote...
High
Unreviewed
CVE-2023-7216
was published
Feb 5, 2024
A security agent link following vulnerability in Trend Micro Apex One could allow a local...
High
Unreviewed
CVE-2023-52090
was published
Jan 23, 2024
A security agent link following vulnerability in Trend Micro Apex One could allow a local...
High
Unreviewed
CVE-2023-52092
was published
Jan 23, 2024
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local...
High
Unreviewed
CVE-2023-52091
was published
Jan 23, 2024
An updater link following vulnerability in the Trend Micro Apex One agent could allow a local...
High
Unreviewed
CVE-2023-52094
was published
Jan 23, 2024
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One -...
High
Unreviewed
CVE-2023-52338
was published
Jan 23, 2024
An agent link vulnerability in the Trend Micro Apex One security agent could allow a local...
High
Unreviewed
CVE-2023-47192
was published
Jan 23, 2024
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce...
Moderate
Unreviewed
CVE-2023-6335
was published
Jan 16, 2024
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce...
High
Unreviewed
CVE-2023-6336
was published
Jan 16, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High
Unreviewed
CVE-2023-42137
was published
Jan 15, 2024
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0...
High
Unreviewed
CVE-2023-31003
was published
Jan 11, 2024
Visual Studio Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-20656
was published
Jan 9, 2024
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January...
High
Unreviewed
CVE-2024-0206
was published
Jan 9, 2024
Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan...
Moderate
Unreviewed
CVE-2023-51654
was published
Dec 26, 2023
Support Assistant in NCP Secure Enterprise Client before 13.10 allows attackers to execute DLL...
High
Unreviewed
CVE-2023-28872
was published
Dec 25, 2023
Buildkite Elastic CI for AWS symbolic link following vulnerability
High
CVE-2023-43116
was published
for
github.com/buildkite/elastic-ci-stack-for-aws/v6
(Go)
Dec 22, 2023
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents...
Moderate
Unreviewed
CVE-2023-28869
was published
Dec 9, 2023
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry...
Moderate
Unreviewed
CVE-2023-28871
was published
Dec 9, 2023
ProTip!
Advisories are also available from the
GraphQL API