Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

163 advisories

Loading
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on... Low Unreviewed
CVE-2010-0118 was published May 2, 2022
Puppet arbitrary files overwrite via a symlink attack Low
CVE-2010-0156 was published for puppet (RubyGems) May 2, 2022
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron)... Low Unreviewed
CVE-2010-0424 was published May 2, 2022
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete... Low Unreviewed
CVE-2010-0546 was published May 2, 2022
fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an... Low Unreviewed
CVE-2010-0789 was published May 2, 2022
fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on... Low Unreviewed
CVE-2010-0792 was published May 2, 2022
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in... Low Unreviewed
CVE-2010-1160 was published May 2, 2022
Certain patch-installation scripts in Oracle Solaris allow local users to append data to... Low Unreviewed
CVE-2010-1183 was published May 2, 2022
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite... Low Unreviewed
CVE-2005-3011 was published May 3, 2022
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite... Low Unreviewed
CVE-2009-5044 was published May 3, 2022
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local... Low Unreviewed
CVE-2011-0012 was published May 3, 2022
pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary... Low Unreviewed
CVE-2011-0007 was published May 3, 2022
libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used... Low Unreviewed
CVE-2012-0054 was published May 4, 2022
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks Low Unreviewed
CVE-2013-4184 was published May 5, 2022
systemd, when updating file permissions, allows local users to change the permissions and SELinux... Low Unreviewed
CVE-2013-4392 was published May 13, 2022
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3... Low Unreviewed
CVE-2013-4969 was published May 13, 2022
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to... Low Unreviewed
CVE-2014-5459 was published May 13, 2022
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2... Low Unreviewed
CVE-2015-0794 was published May 13, 2022
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to... Low Unreviewed
CVE-2011-4028 was published May 13, 2022
The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to... Low Unreviewed
CVE-2011-0702 was published May 13, 2022
The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to... Low Unreviewed
CVE-2011-1031 was published May 13, 2022
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2011-1072 was published May 13, 2022
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2011-1144 was published May 13, 2022
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a... Low Unreviewed
CVE-2014-7206 was published May 13, 2022
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to... Low Unreviewed
CVE-2010-3691 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database