GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
398 advisories
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect...
Moderate | Unreviewed | CVE-2007-6692 was published May 1, 2022
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for...
Moderate | Unreviewed | CVE-2007-6061 was published May 1, 2022
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2007-5940 was published May 1, 2022
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2007-5839 was published May 1, 2022
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new...
Moderate | Unreviewed | CVE-2007-5718 was published May 1, 2022
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect...
Moderate | Unreviewed | CVE-2007-5695 was published May 1, 2022
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix...
Moderate | Unreviewed | CVE-2007-5664 was published May 1, 2022
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2007-5495 was published May 1, 2022
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows...
Moderate | Unreviewed | CVE-2007-5437 was published May 1, 2022
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10...
Moderate | Unreviewed | CVE-2007-5377 was published May 1, 2022
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user...
Moderate | Unreviewed | CVE-2007-4998 was published May 1, 2022
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir...
Moderate | Unreviewed | CVE-2007-4652 was published May 1, 2022
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1...
Moderate | Unreviewed | CVE-2007-4631 was published May 1, 2022
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval...
Moderate | Unreviewed | CVE-2007-4224 was published May 1, 2022
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary...
Moderate | Unreviewed | CVE-2007-3919 was published May 1, 2022
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete...
Moderate | Unreviewed | CVE-2007-3916 was published May 1, 2022
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow...
Moderate | Unreviewed | CVE-2007-3103 was published May 1, 2022
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web...
Moderate | Unreviewed | CVE-2007-2978 was published May 1, 2022
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users...
Moderate | Unreviewed | CVE-2007-1027 was published May 1, 2022
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows...
Moderate | Unreviewed | CVE-2005-2714 was published May 1, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate | Unreviewed | CVE-2005-0004 was published May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and...
Moderate | Unreviewed | CVE-2002-2323 was published Apr 30, 2022
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow...
Moderate | Unreviewed | CVE-2002-0793 was published Apr 30, 2022
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage...
Moderate | Unreviewed | CVE-2002-0725 was published Apr 30, 2022
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends...
Moderate | Unreviewed | CVE-2001-1386 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API.