GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
167 advisories

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to...
Low | Unreviewed | CVE-2014-5459 was published May 13, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server...
Low | Unreviewed | CVE-2020-8013 was published May 24, 2022

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3...
Low | Unreviewed | CVE-2013-4969 was published May 13, 2022

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite...
Low | Unreviewed | CVE-2009-5044 was published May 3, 2022

pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary...
Low | Unreviewed | CVE-2011-0007 was published May 3, 2022

The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local...
Low | Unreviewed | CVE-2011-0012 was published May 3, 2022

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite...
Low | Unreviewed | CVE-2005-3011 was published May 3, 2022

GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in...
Low | Unreviewed | CVE-2010-1160 was published May 2, 2022

Certain patch-installation scripts in Oracle Solaris allow local users to append data to...
Low | Unreviewed | CVE-2010-1183 was published May 2, 2022

fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an...
Low | Unreviewed | CVE-2010-0789 was published May 2, 2022

Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete...
Low | Unreviewed | CVE-2010-0546 was published May 2, 2022

The Cisco trial client on Linux for Cisco AnyConnect SSL VPN allows local users to overwrite...
Low | Unreviewed | CVE-2009-5007 was published May 2, 2022

vccleaner in VideoCache 1.9.2 allows local users with Squid proxy user privileges to overwrite...
Low | Unreviewed | CVE-2009-4454 was published May 2, 2022

Coccinelle 0.1.7 allows local users to overwrite arbitrary files via a symlink attack on an...
Low | Unreviewed | CVE-2009-1753 was published May 2, 2022

GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2009-3304 was published May 2, 2022

Firewall Builder 3.0.4, 3.0.5, and 3.0.6, when running on Linux, allows local users to gain...
Low | Unreviewed | CVE-2009-4664 was published May 2, 2022

Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the ...
Low | Unreviewed | CVE-2009-4193 was published May 2, 2022

The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in...
Low | Unreviewed | CVE-2008-3699 was published May 2, 2022

acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2008-0883 was published May 1, 2022

wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite...
Low | Unreviewed | CVE-2008-0665 was published May 1, 2022

lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2008-1832 was published May 1, 2022

Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2008-0666 was published May 1, 2022

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary...
Low | Unreviewed | CVE-2007-6595 was published May 1, 2022

sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2007-6208 was published May 1, 2022

The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown...
Low | Unreviewed | CVE-2008-0732 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.