Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

431 advisories

Loading
Link Following in rply Moderate
CVE-2014-1938 was published for rply (pip) Mar 11, 2020
Directory Traversal in Docker Moderate
CVE-2014-9358 was published for github.com/docker/docker (Go) Feb 15, 2022
Symlink Attack in Libcontainer and Docker Engine Moderate
CVE-2015-3627 was published for github.com/docker/docker (Go) Feb 15, 2022
VladTheEnterprising allows local users to write to arbitrary files via a symlink attack Moderate
CVE-2014-4996 was published for VladTheEnterprising (RubyGems) May 14, 2022
In connsyslogger, there is a possible symbolic link following due to improper link resolution.... Moderate Unreviewed
CVE-2022-20050 was published Mar 11, 2022
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete... Moderate Unreviewed
CVE-2011-0441 was published May 17, 2022
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of... Moderate Unreviewed
CVE-2011-0727 was published May 17, 2022
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify... Moderate Unreviewed
CVE-2011-0402 was published May 17, 2022
In mobile_log_d, there is a possible symbolic link following due to an improper link resolution.... Moderate Unreviewed
CVE-2022-20068 was published Apr 12, 2022
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem... Moderate Unreviewed
CVE-2015-5752 was published May 17, 2022
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink... Moderate Unreviewed
CVE-2012-1093 was published Apr 23, 2022
Improper Link Resolution Before File Access in Apache Hadoop Moderate
CVE-2014-3627 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and... Moderate Unreviewed
CVE-2005-0004 was published May 1, 2022
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed... Moderate Unreviewed
CVE-2022-26688 was published May 27, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed
CVE-2008-6398 was published May 17, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-6397 was published May 17, 2022
A security vulnerability that can lead to local privilege escalation has been found in ’guix... Moderate Unreviewed
CVE-2021-27851 was published May 24, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite... Moderate Unreviewed
CVE-2010-1693 was published May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote... Moderate Unreviewed
CVE-2008-6762 was published May 17, 2022
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows... Moderate Unreviewed
CVE-2008-5256 was published May 17, 2022
passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5138 was published May 17, 2022
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5154 was published May 17, 2022
trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local... Moderate Unreviewed
CVE-2008-5140 was published May 17, 2022
vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite... Moderate Unreviewed
CVE-2008-4985 was published May 17, 2022
redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-4995 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database