Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

163 advisories

Loading
Local Privilege Escalation in npm Low
CVE-2013-4116 was published for npm (npm) Sep 1, 2020
Directory exposure in jetty Low
CVE-2021-28163 was published for org.eclipse.jetty:jetty-deploy (Maven) Apr 6, 2021
svarovski
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2009-0035 was published Apr 21, 2022
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode... Low Unreviewed
CVE-2003-0844 was published Apr 29, 2022
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers,... Low Unreviewed
CVE-2003-1233 was published Apr 29, 2022
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red... Low Unreviewed
CVE-2004-0217 was published Apr 29, 2022
wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite... Low Unreviewed
CVE-2004-2473 was published Apr 29, 2022
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows... Low Unreviewed
CVE-1999-1386 was published Apr 30, 2022
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite... Low Unreviewed
CVE-2000-0715 was published Apr 30, 2022
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a... Low Unreviewed
CVE-2000-0972 was published Apr 30, 2022
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an... Low Unreviewed
CVE-2000-1178 was published Apr 30, 2022
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite... Low Unreviewed
CVE-2001-0131 was published Apr 30, 2022
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via... Low Unreviewed
CVE-2001-1378 was published Apr 30, 2022
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary... Low Unreviewed
CVE-2001-1494 was published Apr 30, 2022
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user... Low Unreviewed
CVE-2001-1593 was published Apr 30, 2022
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite... Low Unreviewed
CVE-2005-0587 was published May 1, 2022
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is... Low Unreviewed
CVE-2005-0824 was published May 1, 2022
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack... Low Unreviewed
CVE-2005-1879 was published May 1, 2022
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack... Low Unreviewed
CVE-2005-1880 was published May 1, 2022
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files... Low Unreviewed
CVE-2005-1916 was published May 1, 2022
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to... Low Unreviewed
CVE-2005-2527 was published May 1, 2022
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and... Low Unreviewed
CVE-2005-3126 was published May 1, 2022
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink... Low Unreviewed
CVE-2005-3349 was published May 1, 2022
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite... Low Unreviewed
CVE-2006-1247 was published May 1, 2022
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink... Low Unreviewed
CVE-2006-5851 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database