GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,493
Composer 4,168
Erlang 30
GitHub Actions 19
Go 1,981
Maven 5,154
npm 3,700
NuGet 656
pip 3,319
Pub 11
RubyGems 882
Rust 832
Swift 35

Unreviewed advisories

All unreviewed 232,904

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

155 advisories

Filter by severity

Sort by

Least recently updated

iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a... Low Unreviewed

CVE-2012-1088 was published May 17, 2022

svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in... Low Unreviewed

CVE-2013-4262 was published May 17, 2022

The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges... Low Unreviewed

CVE-2013-7393 was published May 17, 2022

lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a... Low Unreviewed

CVE-2014-4703 was published May 17, 2022

GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) -... Low Unreviewed

CVE-2015-4155 was published May 17, 2022

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ... Low Unreviewed

CVE-2015-5273 was published May 17, 2022

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files... Low Unreviewed

CVE-2014-3537 was published May 17, 2022

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to... Low Unreviewed

CVE-2014-3981 was published May 17, 2022

The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a... Low Unreviewed

CVE-2014-5029 was published May 17, 2022

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html... Low Unreviewed

CVE-2014-5030 was published May 17, 2022

vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root... Low Unreviewed

CVE-2015-6927 was published May 17, 2022

senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a... Low Unreviewed

CVE-2008-4937 was published May 17, 2022

maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary... Low Unreviewed

CVE-2008-4908 was published May 17, 2022

The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12... Low Unreviewed

CVE-2008-5825 was published May 17, 2022

emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary... Low Unreviewed

CVE-2010-2053 was published May 17, 2022

The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow... Low Unreviewed

CVE-2011-1920 was published May 17, 2022

The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite... Low Unreviewed

CVE-2011-2533 was published May 17, 2022

src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed

CVE-2012-2093 was published May 17, 2022

The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a... Low Unreviewed

CVE-2012-2103 was published May 17, 2022

IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator... Low Unreviewed

CVE-2012-3329 was published May 17, 2022

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via... Low Unreviewed

CVE-2012-5355 was published May 17, 2022

syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe... Low Unreviewed

CVE-2014-1639 was published May 17, 2022

(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to... Low Unreviewed

CVE-2014-1638 was published May 17, 2022

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a... Low Unreviewed

CVE-2014-1640 was published May 17, 2022

The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via... Low Unreviewed

CVE-2014-1875 was published May 17, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

155 advisories