GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,163 advisories
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, ...
Moderate | Unreviewed | CVE-2013-1423 was published May 17, 2022

Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation...
High | Unreviewed | CVE-2013-0927 was published May 17, 2022

rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1,...
Moderate | Unreviewed | CVE-2013-4214 was published May 17, 2022

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to...
Low | Unreviewed | CVE-2014-3981 was published May 17, 2022

libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files...
Moderate | Unreviewed | CVE-2014-3977 was published May 13, 2022

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite...
Moderate | Unreviewed | CVE-2014-5260 was published May 17, 2022

The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly...
Moderate | Unreviewed | CVE-2014-5045 was published May 13, 2022

lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a...
Low | Unreviewed | CVE-2014-4703 was published May 17, 2022

Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions...
Moderate | Unreviewed | CVE-2015-3759 was published May 17, 2022

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk...
High | Unreviewed | CVE-2015-1338 was published May 17, 2022

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local...
Moderate | Unreviewed | CVE-2015-5287 was published May 17, 2022

The installation script studioexpressinstall for Teradata Studio Express 15.12.00.00 creates...
High | Unreviewed | CVE-2016-7490 was published May 17, 2022

The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6...
High | Unreviewed | CVE-2016-1247 was published May 13, 2022

mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14;...
High | Unreviewed | CVE-2016-6664 was published May 13, 2022

base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the...
High | Unreviewed | CVE-2016-9566 was published May 14, 2022

Script Injection in Show In Browser gem
Moderate | CVE-2013-2105 was published for show_in_browser (RubyGems) Oct 24, 2017

Dell Trusted Device, versions prior to 7.0.3.0, contain an Improper Link Resolution Before File...
Moderate | Unreviewed | CVE-2025-29983 was published Apr 15, 2025

When resolving a symlink such as file:///proc/self/fd/1, an error message may be...
High | Unreviewed | CVE-2022-45412 was published Dec 22, 2022

A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and...
High | Unreviewed | CVE-2022-45798 was published Dec 24, 2022

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and...
High | Unreviewed | CVE-2025-32817 was published Apr 16, 2025

A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for...
Moderate | Unreviewed | CVE-2025-1697 was published Apr 18, 2025

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to...
High | Unreviewed | CVE-2016-6253 was published May 17, 2022

The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6...
High | Unreviewed | CVE-2016-9774 was published May 14, 2022

AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack.
High | Unreviewed | CVE-2015-7723 was published May 14, 2022

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have...
High | Unreviewed | CVE-2015-3315 was published May 14, 2022