Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,163 advisories

Loading
Denial of service via crafting malicious link and sending it to a privileged user can cause... High Unreviewed
CVE-2018-15351 was published May 14, 2022
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows... High Unreviewed
CVE-2008-5394 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an... Moderate Unreviewed
CVE-2008-6760 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a... Moderate Unreviewed
CVE-2008-6759 was published May 14, 2022
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2010-2027 was published May 14, 2022
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to... Moderate Unreviewed
CVE-2008-4990 was published May 14, 2022
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write... Moderate Unreviewed
CVE-2014-4150 was published May 14, 2022
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the... Low Unreviewed
CVE-2011-1073 was published May 14, 2022
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a... Moderate Unreviewed
CVE-2014-0243 was published May 14, 2022
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2008-5373 was published May 14, 2022
An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs... High Unreviewed
CVE-2018-13054 was published May 14, 2022
In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges... High Unreviewed
CVE-2018-10722 was published May 14, 2022
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary... High Unreviewed
CVE-2018-10380 was published May 14, 2022
In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed... Critical Unreviewed
CVE-2018-5225 was published May 14, 2022
The printing process can bypass local access protections to read files available through symlinks... Moderate Unreviewed
CVE-2018-5107 was published May 14, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... Moderate Unreviewed
CVE-2018-4112 was published May 14, 2022
OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows... Moderate Unreviewed
CVE-2017-18188 was published May 14, 2022
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and... High Unreviewed
CVE-2018-14651 was published May 14, 2022
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local... Moderate Unreviewed
CVE-2015-3149 was published May 17, 2022
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports... Moderate Unreviewed
CVE-2015-3147 was published May 24, 2022
Red Hat Storage 2.0 allows local users to overwrite arbitrary files via a symlink attack on the ... Low Unreviewed
CVE-2013-4157 was published May 17, 2022
clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a... Moderate Unreviewed
CVE-2014-5509 was published May 14, 2022
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package... High Unreviewed
CVE-2013-4364 was published May 14, 2022
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to... Moderate Unreviewed
CVE-2014-4978 was published May 14, 2022
The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle... Moderate Unreviewed
CVE-2014-1876 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database