GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
433 advisories
Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to...
Moderate | Unreviewed | CVE-2008-5742 was published May 17, 2022

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in...
Moderate | Unreviewed | CVE-2008-5706 was published May 17, 2022

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the...
Moderate | Unreviewed | CVE-2008-5377 was published May 17, 2022

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4993 was published May 17, 2022

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to...
Moderate | Unreviewed | CVE-2015-5701 was published May 17, 2022

p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Moderate | Unreviewed | CVE-2015-1038 was published May 17, 2022

php-fpm allows local users to write to or create arbitrary files via a symlink attack.
Moderate | Unreviewed | CVE-2015-3211 was published May 17, 2022

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other...
Moderate | Unreviewed | CVE-2014-4199 was published May 17, 2022

openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary...
Moderate | Unreviewed | CVE-2012-4455 was published May 17, 2022

The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local...
Moderate | Unreviewed | CVE-2011-2473 was published May 17, 2022

Openstack DBaaS (Trove) Improper Link Resolution Before File Access
Moderate | CVE-2015-3156 was published for trove (pip) May 17, 2022

The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before...
Moderate | Unreviewed | CVE-2011-1384 was published May 17, 2022

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of...
Moderate | Unreviewed | CVE-2011-0727 was published May 17, 2022

The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete...
Moderate | Unreviewed | CVE-2011-0441 was published May 17, 2022

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify...
Moderate | Unreviewed | CVE-2011-0402 was published May 17, 2022

ocrodjvu is vulnerable to Arbitrary File Modification via symlink attack
Moderate | CVE-2010-4338 was published for ocrodjvu (pip) May 17, 2022

openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite...
Moderate | Unreviewed | CVE-2010-1693 was published May 17, 2022

Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate | Unreviewed | CVE-2008-6762 was published May 17, 2022

sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-6398 was published May 17, 2022

rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-6397 was published May 17, 2022

Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite...
Moderate | Unreviewed | CVE-2008-5746 was published May 17, 2022

pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which...
Moderate | Unreviewed | CVE-2008-5743 was published May 17, 2022

chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on ...
Moderate | Unreviewed | CVE-2008-5299 was published May 17, 2022

The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows...
Moderate | Unreviewed | CVE-2008-5256 was published May 17, 2022

Moodle vulnerable to symlink attack
Moderate | CVE-2008-5153 was published for moodle/moodle (Composer) May 17, 2022