GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

2,414 advisories

SciPy creates insecure temporary directories
Severity: High. CVE-2013-4251 was published for scipy (pip) May 5, 2022

autojump before 21.5.8 allows local users to gain privileges via a Trojan horse custom_install...
Severity: High (Unreviewed). CVE-2013-2012 was published May 5, 2022

Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 and IOS XE 2.1.x through 2.6.x and 3.1.xS...
Severity: High (Unreviewed). CVE-2012-0384 was published May 4, 2022

Mattermost Playbooks plugin 1.25 and earlier fails to properly restrict user-level permissions,...
Severity: High (Unreviewed). CVE-2022-1548 was published May 4, 2022

In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the...
Severity: High (Unreviewed). CVE-2022-29849 was published May 3, 2022

Write access to the catalog for any user when restricted-admin role is enabled in Rancher
Severity: High. CVE-2021-4200 was published for github.com/rancher/rancher (Go) May 2, 2022

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify...
Severity: High (Unreviewed). CVE-2008-2931 was published May 1, 2022

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2...
Severity: High (Unreviewed). CVE-2007-2444 was published May 1, 2022

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate...
Severity: High (Unreviewed). CVE-2002-0367 was published Apr 30, 2022

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem...
Severity: High (Unreviewed). CVE-1999-0084 was published Apr 30, 2022

In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera...
Severity: High (Unreviewed). CVE-2018-14787 was published Apr 30, 2022

Podman publishes a malicious image to public registries
Severity: High. CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022

Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions...
Severity: High (Unreviewed). CVE-2021-36207 was published Apr 30, 2022

The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room...
Severity: High (Unreviewed). CVE-2022-22782 was published Apr 29, 2022

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
Severity: High (Unreviewed). CVE-2022-22521 was published Apr 28, 2022

IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to...
Severity: High (Unreviewed). CVE-2022-22315 was published Apr 28, 2022

Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed...
Severity: High (Unreviewed). CVE-2012-6302 was published Apr 23, 2022

The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create...
Severity: High (Unreviewed). CVE-2012-5663 was published Apr 23, 2022

A Privilege Escalation vulnerability exists in Fedoraproject Sectool due to an incorrect DBus file.
Severity: High (Unreviewed). CVE-2012-1615 was published Apr 23, 2022

mom creates world-writable pid files in /var/run
Severity: High (Unreviewed). CVE-2012-4480 was published Apr 23, 2022

A privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an...
Severity: High (Unreviewed). CVE-2012-6639 was published Apr 23, 2022

gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation
Severity: High (Unreviewed). CVE-2012-5617 was published Apr 23, 2022

A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo...
Severity: High (Unreviewed). CVE-2021-4210 was published Apr 23, 2022

lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files...
Severity: High (Unreviewed). CVE-2011-3349 was published Apr 22, 2022

The AX.25 daemon (ax25d) in ax25-tools before 0.0.8-13 does not check the return value of a...
Severity: High (Unreviewed). CVE-2011-2910 was published Apr 22, 2022

ProTip! Advisories are also available from the GraphQL API