GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
493 advisories
The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete...
Moderate | Unreviewed | CVE-2013-6456 was published May 17, 2022
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an...
Moderate | Unreviewed | CVE-2015-1194 was published May 17, 2022
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2015-1377 was published May 17, 2022
A certain Red Hat script for sudo 1.7.2 on Red Hat Enterprise Linux (RHEL) 5 allows local users...
Moderate | Unreviewed | CVE-2012-3440 was published May 17, 2022
Typo3 Open Redirect In Frontend Rendering
Moderate | CVE-2014-9508 was published for typo3/cms (Composer) May 17, 2022
provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x...
Moderate | Unreviewed | CVE-2015-3436 was published May 17, 2022
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local...
Moderate | Unreviewed | CVE-2015-5287 was published May 17, 2022
rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when MAGPIE_CACHE_ON is set to 1,...
Moderate | Unreviewed | CVE-2013-4214 was published May 17, 2022
Location Framework in Apple iOS before 8.4.1 allows local users to bypass intended restrictions...
Moderate | Unreviewed | CVE-2015-3759 was published May 17, 2022
Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem...
Moderate | Unreviewed | CVE-2015-5752 was published May 17, 2022
The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib...
Moderate | Unreviewed | CVE-2014-3486 was published May 17, 2022
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to ...
Moderate | Unreviewed | CVE-2014-4038 was published May 17, 2022
The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files...
Moderate | Unreviewed | CVE-2015-8326 was published May 17, 2022
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the...
Moderate | Unreviewed | CVE-2012-3345 was published May 17, 2022
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks...
Moderate | Unreviewed | CVE-2015-0556 was published May 17, 2022
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local...
Moderate | Unreviewed | CVE-2015-3149 was published May 17, 2022
rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete...
Moderate | Unreviewed | CVE-2008-4832 was published May 17, 2022
writtercontrol in cdcontrol 1.90 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-4944 was published May 17, 2022
aegis 4.24 and aegis-web 4.24 allow local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4938 was published May 17, 2022
faxspool in mgetty 1.1.36 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-4936 was published May 17, 2022
xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-4940 was published May 17, 2022
audiolink in audiolink 0.05 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4942 was published May 17, 2022
arb-common 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-4941 was published May 17, 2022
asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-4935 was published May 17, 2022
apertium 3.0.7 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/#...
Moderate | Unreviewed | CVE-2008-4939 was published May 17, 2022