Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

417 advisories

Loading
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite... High Unreviewed
CVE-2008-4553 was published May 2, 2022
alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink... High Unreviewed
CVE-2008-4477 was published May 2, 2022
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a... High Unreviewed
CVE-2008-4440 was published May 2, 2022
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a... High Unreviewed
CVE-2008-4474 was published May 2, 2022
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow... High Unreviewed
CVE-2008-4108 was published May 2, 2022
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink... High Unreviewed
CVE-2008-3929 was published May 2, 2022
genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink... High Unreviewed
CVE-2008-3927 was published May 2, 2022
configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack... High Unreviewed
CVE-2008-3883 was published May 2, 2022
ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary... High Unreviewed
CVE-2008-4475 was published May 2, 2022
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to... High Unreviewed
CVE-2008-4406 was published May 2, 2022
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900... High Unreviewed
CVE-2008-3521 was published May 2, 2022
w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print... High Unreviewed
CVE-2008-0930 was published May 1, 2022
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact... High Unreviewed
CVE-2008-3329 was published May 1, 2022
BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can... High Unreviewed
CVE-2008-0870 was published May 1, 2022
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the... High Unreviewed
CVE-2008-1901 was published May 1, 2022
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows... High Unreviewed
CVE-2008-1078 was published May 1, 2022
Trend Micro Security 2022 (consumer) has a link following vulnerability where an attacker with... High Unreviewed
CVE-2022-34893 was published Sep 20, 2022
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... High Unreviewed
CVE-2022-32905 was published Nov 2, 2022
Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file... High Unreviewed
CVE-2022-2897 was published Sep 1, 2022
Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed
CVE-2022-44747 was published Nov 8, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux... High Unreviewed
CVE-2019-18898 was published May 24, 2022
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory,... High Unreviewed
CVE-2019-3694 was published May 24, 2022
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a... High Unreviewed
CVE-2002-2382 was published Apr 30, 2022
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11,... High Unreviewed
CVE-2019-3693 was published May 24, 2022
Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service ... High Unreviewed
CVE-1999-1593 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database