GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
167 advisories

hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink...
Low | Unreviewed | CVE-2011-3204 was published May 17, 2022

The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2010-4337 was published May 17, 2022

The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users...
Low | Unreviewed | CVE-2012-4676 was published May 17, 2022

as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file...
Low | Unreviewed | CVE-2012-0808 was published May 17, 2022

Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2011-5146 was published May 17, 2022

android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files...
Low | Unreviewed | CVE-2012-5564 was published May 17, 2022

The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to...
Low | Unreviewed | CVE-2010-2431 was published May 17, 2022

ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is...
Low | Unreviewed | CVE-2011-4363 was published May 17, 2022

Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows...
Low | Unreviewed | CVE-2012-6348 was published May 17, 2022

bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to...
Low | Unreviewed | CVE-2013-3368 was published May 17, 2022

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows...
Low | Unreviewed | CVE-2013-1444 was published May 17, 2022

userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local...
Low | Unreviewed | CVE-2013-2142 was published May 17, 2022

dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary...
Low | Unreviewed | CVE-2011-3153 was published May 17, 2022

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify...
Low | Unreviewed | CVE-2014-0027 was published May 17, 2022

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite...
Low | Unreviewed | CVE-2012-0786 was published May 17, 2022

LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink...
Low | Unreviewed | CVE-2011-4105 was published May 17, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb...
Low | Unreviewed | CVE-2019-18901 was published May 24, 2022

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read...
Low | Unreviewed | CVE-2013-6891 was published May 17, 2022

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to...
Low | Unreviewed | CVE-2013-6402 was published May 17, 2022

DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134...
Low | Unreviewed | CVE-2011-3154 was published May 17, 2022

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on...
Low | Unreviewed | CVE-2013-4472 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files...
Low | Unreviewed | CVE-2014-3986 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3982 was published May 17, 2022

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android...
Low | Unreviewed | CVE-2013-6124 was published May 17, 2022

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to...
Low | Unreviewed | CVE-2010-5105 was published May 17, 2022

        
ProTip! Advisories are also available from the GraphQL API.