Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,163 advisories

Loading
Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive... Moderate Unreviewed
CVE-2010-0439 was published May 2, 2022
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete... Low Unreviewed
CVE-2010-0546 was published May 2, 2022
ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or... Moderate Unreviewed
CVE-2010-0788 was published May 2, 2022
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an... Low Unreviewed
CVE-2010-0789 was published May 2, 2022
pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10... Moderate Unreviewed
CVE-2010-0832 was published May 2, 2022
Certain patch-installation scripts in Oracle Solaris allow local users to append data to... Low Unreviewed
CVE-2010-1183 was published May 2, 2022
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in... Low Unreviewed
CVE-2010-1160 was published May 2, 2022
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on... Moderate Unreviewed
CVE-2002-0824 was published May 3, 2022
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs... High Unreviewed
CVE-2004-0967 was published May 3, 2022
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite... Low Unreviewed
CVE-2005-3011 was published May 3, 2022
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local... Low Unreviewed
CVE-2011-0012 was published May 3, 2022
pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary... Low Unreviewed
CVE-2011-0007 was published May 3, 2022
cfgcon in IBM AIX 5.2 and 5.3 does not properly validate the argument to the "-p" option to... Moderate Unreviewed
CVE-2007-5805 was published May 3, 2022
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite... Low Unreviewed
CVE-2009-5044 was published May 3, 2022
In aee daemon, there is a possible information disclosure due to symbolic link following. This... Moderate Unreviewed
CVE-2022-20103 was published May 4, 2022
In netdiag, there is a possible symbolic link following due to an improper link resolution. This... Moderate Unreviewed
CVE-2022-20085 was published May 4, 2022
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1... High Unreviewed
CVE-2013-0159 was published May 5, 2022
tmp_smtp.c in pktstat 1.8.5 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2013-0350 was published May 5, 2022
An improper link resolution before file access ('Link Following') vulnerability has been reported... High Unreviewed
CVE-2021-44052 was published May 6, 2022
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for... High Unreviewed
CVE-2022-23742 was published May 13, 2022
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink... High Unreviewed
CVE-2018-10928 was published May 13, 2022
In libXfont before 1.5.4 and libXfont2 before 2.0.3, a local attacker can open (but not read)... Moderate Unreviewed
CVE-2017-16611 was published May 13, 2022
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3... Low Unreviewed
CVE-2013-4969 was published May 13, 2022
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd,... Moderate Unreviewed
CVE-2012-0871 was published May 13, 2022
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the... Moderate Unreviewed
CVE-2017-9525 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database