GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,889
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,942
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,163 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp... High Unreviewed

CVE-2014-3219 was published May 13, 2022

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user... Moderate Unreviewed

CVE-2017-7418 was published May 14, 2022

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file... Moderate Unreviewed

CVE-2018-19044 was published May 14, 2022

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink... Moderate Unreviewed

CVE-2015-1331 was published May 14, 2022

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to... High Unreviewed

CVE-2015-1335 was published May 14, 2022

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of... Moderate Unreviewed

CVE-2013-1976 was published May 14, 2022

Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local... Moderate Unreviewed

CVE-2018-19637 was published May 14, 2022

In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an... Moderate Unreviewed

CVE-2018-19638 was published May 14, 2022

OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed

CVE-2013-2561 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10... Moderate Unreviewed

CVE-2016-4679 was published May 14, 2022

Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple... High Unreviewed

CVE-2014-4480 was published May 14, 2022

An improper link resolution flaw while extracting an archive can lead to changing the access... High Unreviewed

CVE-2021-23177 was published Aug 24, 2022

An improper link resolution flaw can occur while extracting an archive leading to changing modes,... High Unreviewed

CVE-2021-31566 was published Aug 24, 2022

syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to... Low Unreviewed

CVE-2014-4372 was published May 14, 2022

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local... Moderate Unreviewed

CVE-2014-1272 was published May 14, 2022

The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows... High Unreviewed

CVE-2019-8372 was published May 14, 2022

GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows... Low Unreviewed

CVE-2015-4156 was published May 14, 2022

The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary... Moderate Unreviewed

CVE-2011-0460 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... Moderate Unreviewed

CVE-2016-7619 was published May 14, 2022

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4... Moderate Unreviewed

CVE-2011-0754 was published May 14, 2022

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create... Low Unreviewed

CVE-2014-2524 was published May 14, 2022

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users... Low Unreviewed

CVE-2014-2893 was published May 14, 2022

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a... Moderate Unreviewed

CVE-2015-1196 was published May 14, 2022

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary... Low Unreviewed

CVE-2015-7758 was published May 14, 2022

/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and... Moderate Unreviewed

CVE-2011-0461 was published May 14, 2022

Previous 1…21…47 Next

Previous 1 2 … 19 20 21 22 23 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,163 advisories