GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
155 advisories
Filter by severity
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2009-0035
was published
Apr 21, 2022
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode...
Low
Unreviewed
CVE-2003-0844
was published
Apr 29, 2022
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers,...
Low
Unreviewed
CVE-2003-1233
was published
Apr 29, 2022
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red...
Low
Unreviewed
CVE-2004-0217
was published
Apr 29, 2022
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite...
Low
Unreviewed
CVE-2004-2473
was published
Apr 29, 2022
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows...
Low
Unreviewed
CVE-1999-1386
was published
Apr 30, 2022
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite...
Low
Unreviewed
CVE-2000-0715
was published
Apr 30, 2022
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a...
Low
Unreviewed
CVE-2000-0972
was published
Apr 30, 2022
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an...
Low
Unreviewed
CVE-2000-1178
was published
Apr 30, 2022
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite...
Low
Unreviewed
CVE-2001-0131
was published
Apr 30, 2022
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via...
Low
Unreviewed
CVE-2001-1378
was published
Apr 30, 2022
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2001-1494
was published
Apr 30, 2022
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user...
Low
Unreviewed
CVE-2001-1593
was published
Apr 30, 2022
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite...
Low
Unreviewed
CVE-2005-0587
was published
May 1, 2022
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is...
Low
Unreviewed
CVE-2005-0824
was published
May 1, 2022
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low
Unreviewed
CVE-2005-1879
was published
May 1, 2022
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low
Unreviewed
CVE-2005-1880
was published
May 1, 2022
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files...
Low
Unreviewed
CVE-2005-1916
was published
May 1, 2022
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to...
Low
Unreviewed
CVE-2005-2527
was published
May 1, 2022
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and...
Low
Unreviewed
CVE-2005-3126
was published
May 1, 2022
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink...
Low
Unreviewed
CVE-2005-3349
was published
May 1, 2022
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite...
Low
Unreviewed
CVE-2006-1247
was published
May 1, 2022
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink...
Low
Unreviewed
CVE-2006-5851
was published
May 1, 2022
gforge 3.1 and 4.5.14 allows local users to truncate arbitrary files via a symlink attack on...
Low
Unreviewed
CVE-2007-3921
was published
May 1, 2022
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary...
Low
Unreviewed
CVE-2007-4129
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API