Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,163 advisories

Loading
The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in... Moderate Unreviewed
CVE-2008-5706 was published May 17, 2022
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the... Moderate Unreviewed
CVE-2008-5377 was published May 17, 2022
qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-4993 was published May 17, 2022
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to... High Unreviewed
CVE-2015-5705 was published May 17, 2022
mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to... Moderate Unreviewed
CVE-2015-5701 was published May 17, 2022
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive. Moderate Unreviewed
CVE-2015-1038 was published May 17, 2022
php-fpm allows local users to write to or create arbitrary files via a symlink attack. Moderate Unreviewed
CVE-2015-3211 was published May 17, 2022
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the... Low Unreviewed
CVE-2011-4060 was published May 17, 2022
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other... Moderate Unreviewed
CVE-2014-4199 was published May 17, 2022
SaltStack Salt Insecure Temporary File Creation High
CVE-2014-3563 was published for salt (pip) May 17, 2022
The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via... Low Unreviewed
CVE-2014-1875 was published May 17, 2022
(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to... Low Unreviewed
CVE-2014-1638 was published May 17, 2022
pyxdg Arbitrary File Overwrite via Race Condition Low
CVE-2014-1624 was published for pyxdg (pip) May 17, 2022
axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a... Low Unreviewed
CVE-2014-1640 was published May 17, 2022
syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe... Low Unreviewed
CVE-2014-1639 was published May 17, 2022
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via... Low Unreviewed
CVE-2012-5355 was published May 17, 2022
openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary... Moderate Unreviewed
CVE-2012-4455 was published May 17, 2022
IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator... Low Unreviewed
CVE-2012-3329 was published May 17, 2022
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2012-2103 was published May 17, 2022
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2012-2093 was published May 17, 2022
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite... Low Unreviewed
CVE-2011-2533 was published May 17, 2022
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local... Moderate Unreviewed
CVE-2011-2473 was published May 17, 2022
Openstack DBaaS (Trove) Improper Link Resolution Before File Access Moderate
CVE-2015-3156 was published for trove (pip) May 17, 2022
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow... Low Unreviewed
CVE-2011-1920 was published May 17, 2022
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before... Moderate Unreviewed
CVE-2011-1384 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database