GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,163 advisories
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write...
Moderate | Unreviewed | CVE-2014-4150 was published May 14, 2022

An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs...
High | Unreviewed | CVE-2018-13054 was published May 14, 2022

The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6...
High | Unreviewed | CVE-2016-9774 was published May 14, 2022

The printing process can bypass local access protections to read files available through symlinks...
Moderate | Unreviewed | CVE-2018-5107 was published May 14, 2022

In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges...
High | Unreviewed | CVE-2018-10722 was published May 14, 2022

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary...
High | Unreviewed | CVE-2018-10380 was published May 14, 2022

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
Moderate | Unreviewed | CVE-2018-4112 was published May 14, 2022

In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed...
Critical | Unreviewed | CVE-2018-5225 was published May 14, 2022

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local,...
Moderate | Unreviewed | CVE-2018-1063 was published May 14, 2022

OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows...
Moderate | Unreviewed | CVE-2017-18188 was published May 14, 2022

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have...
High | Unreviewed | CVE-2015-3315 was published May 14, 2022

clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a...
Moderate | Unreviewed | CVE-2014-5509 was published May 14, 2022

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package...
High | Unreviewed | CVE-2013-4364 was published May 14, 2022

VladTheEnterprising allows local users to write to arbitrary files via a symlink attack
Moderate | CVE-2014-4996 was published for VladTheEnterprising (RubyGems) May 14, 2022

Syncthing vulnerable to symlink traversal and arbitrary file overwrite
High | CVE-2017-1000420 was published for github.com/syncthing/syncthing (Go) May 14, 2022

The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to...
Moderate | Unreviewed | CVE-2014-4978 was published May 14, 2022

The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or...
High | Unreviewed | CVE-2016-3108 was published May 14, 2022

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle...
Moderate | Unreviewed | CVE-2014-1876 was published May 14, 2022

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link...
High | Unreviewed | CVE-2022-30523 was published May 17, 2022

The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in...
High | Unreviewed | CVE-2016-1255 was published May 17, 2022

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the...
Moderate | Unreviewed | CVE-2017-8806 was published May 17, 2022

foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian...
Moderate | Unreviewed | CVE-2011-2684 was published May 17, 2022

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM...
Moderate | Unreviewed | CVE-2017-1301 was published May 17, 2022

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink...
Moderate | Unreviewed | CVE-2008-6552 was published May 17, 2022

Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to...
Moderate | Unreviewed | CVE-2008-5742 was published May 17, 2022