GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
162 advisories
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a...
Low | Unreviewed | CVE-2012-1088 was published May 17, 2022

The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing ...
Low | Unreviewed | CVE-2011-2722 was published May 17, 2022

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ...
Low | Unreviewed | CVE-2015-5273 was published May 17, 2022

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files...
Low | Unreviewed | CVE-2014-3537 was published May 17, 2022

The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly ...
Low | Unreviewed | CVE-2008-4579 was published May 2, 2022

ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory...
Low | Unreviewed | CVE-2020-6012 was published May 24, 2022

The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow...
Low | Unreviewed | CVE-2011-1920 was published May 17, 2022

The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite...
Low | Unreviewed | CVE-2011-2533 was published May 17, 2022

The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2012-2103 was published May 17, 2022

src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2012-2093 was published May 17, 2022

IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator...
Low | Unreviewed | CVE-2012-3329 was published May 17, 2022

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via...
Low | Unreviewed | CVE-2012-5355 was published May 17, 2022

(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to...
Low | Unreviewed | CVE-2014-1638 was published May 17, 2022

The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via...
Low | Unreviewed | CVE-2014-1875 was published May 17, 2022

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a...
Low | Unreviewed | CVE-2014-1640 was published May 17, 2022

syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe...
Low | Unreviewed | CVE-2014-1639 was published May 17, 2022

The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the...
Low | Unreviewed | CVE-2011-4060 was published May 17, 2022

Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the ...
Low | Unreviewed | CVE-2013-4157 was published May 17, 2022

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the...
Low | Unreviewed | CVE-2011-1073 was published May 14, 2022

Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2010-2027 was published May 14, 2022

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary...
Low | Unreviewed | CVE-2015-7758 was published May 14, 2022

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users...
Low | Unreviewed | CVE-2014-2893 was published May 14, 2022

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create...
Low | Unreviewed | CVE-2014-2524 was published May 14, 2022

GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows...
Low | Unreviewed | CVE-2015-4156 was published May 14, 2022

syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to...
Low | Unreviewed | CVE-2014-4372 was published May 14, 2022