GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,006 advisories
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable...
Moderate | Unreviewed | CVE-2022-35631 was published Jul 30, 2022

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to...
High | Unreviewed | CVE-2016-6253 was published May 17, 2022

lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a...
Low | Unreviewed | CVE-2014-4703 was published May 17, 2022

svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in...
Low | Unreviewed | CVE-2013-4262 was published May 17, 2022

The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges...
Low | Unreviewed | CVE-2013-7393 was published May 17, 2022

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which...
High | Unreviewed | CVE-2020-7040 was published May 24, 2022

lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3423 was published May 17, 2022

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite...
Low | Unreviewed | CVE-2014-3422 was published May 17, 2022

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3421 was published May 17, 2022

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3424 was published May 17, 2022

Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a...
Low | Unreviewed | CVE-2015-0858 was published May 17, 2022

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain...
High | Unreviewed | CVE-2015-6566 was published May 17, 2022

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to...
Low | Unreviewed | CVE-2010-5105 was published May 17, 2022

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk...
High | Unreviewed | CVE-2015-1338 was published May 17, 2022

pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an...
Moderate | Unreviewed | CVE-2015-1194 was published May 17, 2022

The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2015-1377 was published May 17, 2022

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android...
Low | Unreviewed | CVE-2013-6124 was published May 17, 2022

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite...
Moderate | Unreviewed | CVE-2014-5260 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3982 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files...
Low | Unreviewed | CVE-2014-3986 was published May 17, 2022

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on...
Low | Unreviewed | CVE-2013-4472 was published May 17, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux...
High | Unreviewed | CVE-2019-18897 was published May 24, 2022

DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134...
Low | Unreviewed | CVE-2011-3154 was published May 17, 2022

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read...
Low | Unreviewed | CVE-2013-6891 was published May 17, 2022

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to...
Low | Unreviewed | CVE-2013-6402 was published May 17, 2022