Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

457 advisories

Loading
mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-5143 was published May 17, 2022
The postinst script in ppp 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2008-5366 was published May 17, 2022
ip-up in ppp-udeb 2.4.4rel on Debian GNU/Linux allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2008-5367 was published May 17, 2022
nvidia-cg-toolkit-installer in nvidia-cg-toolkit 2.0.0015 allows local users to overwrite... Moderate Unreviewed
CVE-2008-5144 was published May 17, 2022
** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-4998 was published May 17, 2022
impose in impose+ 0.2 allows local users to overwrite arbitrary files via a symlink attack on (1)... Moderate Unreviewed
CVE-2008-4960 was published May 17, 2022
convirt 0.8.2 allows local users to overwrite arbitrary files via a symlink attack on the /tmp... Moderate Unreviewed
CVE-2008-4946 was published May 17, 2022
screenie in screenie 1.30.0 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5371 was published May 17, 2022
** DISPUTED ** gccross in dpkg-cross 2.3.0 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-4950 was published May 17, 2022
fwb_install in fwbuilder 2.1.19 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-4956 was published May 17, 2022
** DISPUTED ** firehol in firehol 1.256 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-4953 was published May 17, 2022
noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the ... Moderate Unreviewed
CVE-2008-5369 was published May 17, 2022
fwd_check.sh in libncbi6 6.1.20080302 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-5149 was published May 17, 2022
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5146 was published May 17, 2022
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5151 was published May 17, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE... Moderate Unreviewed
CVE-2019-3698 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... Moderate Unreviewed
CVE-2020-24332 was published May 24, 2022
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6477 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could... Moderate Unreviewed
CVE-2020-3437 was published May 24, 2022
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files... Moderate Unreviewed
CVE-2018-21269 was published May 24, 2022
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the... Moderate Unreviewed
CVE-2020-24654 was published May 24, 2022
Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7... Moderate Unreviewed
CVE-2020-7319 was published May 24, 2022
opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d... Moderate Unreviewed
CVE-2017-18925 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an... Moderate Unreviewed
CVE-2020-5797 was published May 24, 2022
Armoury Crate Service’s logging function has insufficient validation to check if the log file is... Moderate Unreviewed
CVE-2022-38699 was published Sep 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database