Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,115
Maven
5,000+
npm
3,767
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

163 advisories

Loading
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via... Low Unreviewed
CVE-2012-5355 was published May 17, 2022
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator... Low Unreviewed
CVE-2012-3329 was published May 17, 2022
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2012-2103 was published May 17, 2022
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2012-2093 was published May 17, 2022
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite... Low Unreviewed
CVE-2011-2533 was published May 17, 2022
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow... Low Unreviewed
CVE-2011-1920 was published May 17, 2022
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory... Low Unreviewed
CVE-2020-6012 was published May 24, 2022
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly ... Low Unreviewed
CVE-2008-4579 was published May 2, 2022
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ... Low Unreviewed
CVE-2015-5273 was published May 17, 2022
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files... Low Unreviewed
CVE-2014-3537 was published May 17, 2022
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing ... Low Unreviewed
CVE-2011-2722 was published May 17, 2022
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a... Low Unreviewed
CVE-2012-1088 was published May 17, 2022
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows... Low Unreviewed
CVE-2011-0541 was published May 17, 2022
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron)... Low Unreviewed
CVE-2010-0424 was published May 2, 2022
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary... Low Unreviewed
CVE-2023-24572 was published Feb 13, 2023
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete... Low Unreviewed
CVE-2023-23697 was published Feb 13, 2023
Cargo extracting malicious crates can corrupt arbitrary files Low
CVE-2022-36113 was published for cargo (Rust) Sep 16, 2022
pietroalbini litios
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability Low
CVE-2023-5834 was published for github.com/hashicorp/vagrant (Go) Oct 28, 2023
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16851 was published May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application... Low Unreviewed
CVE-2020-16853 was published May 24, 2022
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a... Low Unreviewed
CVE-2000-0972 was published Apr 30, 2022
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an... Low Unreviewed
CVE-2000-1178 was published Apr 30, 2022
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary... Low Unreviewed
CVE-2001-1494 was published Apr 30, 2022
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red... Low Unreviewed
CVE-2004-0217 was published Apr 29, 2022
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack... Low Unreviewed
CVE-2005-1880 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database