GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
439 advisories
Filter by severity
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of...
Moderate
Unreviewed
CVE-2020-14004
was published
May 24, 2022
A vulnerability in the Cisco Application Framework component of the Cisco IOx application...
Moderate
Unreviewed
CVE-2020-3237
was published
May 24, 2022
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an...
Moderate
Unreviewed
CVE-2020-3223
was published
May 24, 2022
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed...
Moderate
Unreviewed
CVE-2020-6477
was published
May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE...
Moderate
Unreviewed
CVE-2019-3698
was published
May 24, 2022
Kevin Backhouse discovered that apport would read a user-supplied configuration file with...
Moderate
Unreviewed
CVE-2019-11481
was published
May 24, 2022
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports...
Moderate
Unreviewed
CVE-2015-3147
was published
May 24, 2022
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A...
Moderate
Unreviewed
CVE-2019-3750
was published
May 24, 2022
The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to...
Moderate
Unreviewed
CVE-2019-18645
was published
May 24, 2022
Podman Symlink Vulnerability
Moderate
CVE-2019-18466
was published
for
github.com/containers/podman/v4
(Go)
May 24, 2022
In Avast Antivirus before 19.4, a local administrator can trick the product into renaming...
Moderate
Unreviewed
CVE-2019-11230
was published
May 24, 2022
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than...
Moderate
Unreviewed
CVE-2019-13636
was published
May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper:...
Moderate
Unreviewed
CVE-2019-13229
was published
May 24, 2022
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone...
Moderate
Unreviewed
CVE-2019-13227
was published
May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to...
Moderate
Unreviewed
CVE-2019-13228
was published
May 24, 2022
Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server
Moderate
CVE-2022-24904
was published
for
github.com/argoproj/argo-cd/v2
(Go)
May 23, 2022
** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a...
Moderate
Unreviewed
CVE-2008-4998
was published
May 17, 2022
pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp...
Moderate
Unreviewed
CVE-2008-4988
was published
May 17, 2022
** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via...
Moderate
Unreviewed
CVE-2008-4996
was published
May 17, 2022
** DISPUTED ** master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2008-5034
was published
May 17, 2022
** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2008-4977
was published
May 17, 2022
** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2008-4997
was published
May 17, 2022
** DISPUTED ** os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a...
Moderate
Unreviewed
CVE-2008-5135
was published
May 17, 2022
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2008-5146
was published
May 17, 2022
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack...
Moderate
Unreviewed
CVE-2008-5151
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API