GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,163 advisories
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk...
High | Unreviewed | CVE-2015-1338 was published May 17, 2022

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to...
High | Unreviewed | CVE-2015-1130 was published May 17, 2022

The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2015-1377 was published May 17, 2022

pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an...
Moderate | Unreviewed | CVE-2015-1194 was published May 17, 2022

The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete...
Moderate | Unreviewed | CVE-2013-6456 was published May 17, 2022

Improper Link Resolution Before File Access in Apache Hadoop
Moderate | CVE-2014-3627 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite...
Moderate | Unreviewed | CVE-2014-5260 was published May 17, 2022

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android...
Low | Unreviewed | CVE-2013-6124 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files...
Low | Unreviewed | CVE-2014-3986 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2014-3982 was published May 17, 2022

The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to...
Moderate | Unreviewed | CVE-2013-4215 was published May 17, 2022

DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134...
Low | Unreviewed | CVE-2011-3154 was published May 17, 2022

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on...
Low | Unreviewed | CVE-2013-4472 was published May 17, 2022

LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink...
Low | Unreviewed | CVE-2011-4105 was published May 17, 2022

dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary...
Low | Unreviewed | CVE-2011-3153 was published May 17, 2022

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read...
Low | Unreviewed | CVE-2013-6891 was published May 17, 2022

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to...
Low | Unreviewed | CVE-2013-6402 was published May 17, 2022

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify...
Low | Unreviewed | CVE-2014-0027 was published May 17, 2022

fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows...
Low | Unreviewed | CVE-2011-0541 was published May 17, 2022

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote...
Moderate | Unreviewed | CVE-2010-4226 was published May 17, 2022

The transform_save function in transform.c in Augeas before 1.0.0 allows local users to overwrite...
Low | Unreviewed | CVE-2012-0786 was published May 17, 2022

userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local...
Low | Unreviewed | CVE-2013-2142 was published May 17, 2022

nagios.upgrade_to_v3.sh, as distributed by Red Hat and possibly others for Nagios Core 3.4.4, 3.5...
Moderate | Unreviewed | CVE-2013-2029 was published May 17, 2022

asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to...
Moderate | Unreviewed | CVE-2013-1495 was published May 17, 2022

A certain Debian patch for txt2man 1.5.5, as used in txt2man 1.5.5-2, 1.5.5-4, and others, allows...
Low | Unreviewed | CVE-2013-1444 was published May 17, 2022