GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
493 advisories
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete...
Moderate | Unreviewed | CVE-2011-0441 was published May 17, 2022

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of...
Moderate | Unreviewed | CVE-2011-0727 was published May 17, 2022

The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before...
Moderate | Unreviewed | CVE-2011-1384 was published May 17, 2022

Openstack DBaaS (Trove) Improper Link Resolution Before File Access
Moderate | CVE-2015-3156 was published for trove (pip) May 17, 2022

The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local...
Moderate | Unreviewed | CVE-2011-2473 was published May 17, 2022

openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary...
Moderate | Unreviewed | CVE-2012-4455 was published May 17, 2022

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other...
Moderate | Unreviewed | CVE-2014-4199 was published May 17, 2022

php-fpm allows local users to write to or create arbitrary files via a symlink attack.
Moderate | Unreviewed | CVE-2015-3211 was published May 17, 2022

p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Moderate | Unreviewed | CVE-2015-1038 was published May 17, 2022

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to...
Moderate | Unreviewed | CVE-2015-5701 was published May 17, 2022

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4993 was published May 17, 2022

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the...
Moderate | Unreviewed | CVE-2008-5377 was published May 17, 2022

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in...
Moderate | Unreviewed | CVE-2008-5706 was published May 17, 2022

Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to...
Moderate | Unreviewed | CVE-2008-5742 was published May 17, 2022

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink...
Moderate | Unreviewed | CVE-2008-6552 was published May 17, 2022

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM...
Moderate | Unreviewed | CVE-2017-1301 was published May 17, 2022

foo2zjs before 20110722dfsg-3ubuntu1 as packaged in Ubuntu, 20110722dfsg-1 as packaged in Debian...
Moderate | Unreviewed | CVE-2011-2684 was published May 17, 2022

The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the...
Moderate | Unreviewed | CVE-2017-8806 was published May 17, 2022

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle...
Moderate | Unreviewed | CVE-2014-1876 was published May 14, 2022

The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to...
Moderate | Unreviewed | CVE-2014-4978 was published May 14, 2022

VladTheEnterprising allows local users to write to arbitrary files via a symlink attack
Moderate | CVE-2014-4996 was published for VladTheEnterprising (RubyGems) May 14, 2022

clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a...
Moderate | Unreviewed | CVE-2014-5509 was published May 14, 2022

OpenRC opentmpfiles through 0.1.3, when the fs.protected_hardlinks sysctl is turned off, allows...
Moderate | Unreviewed | CVE-2017-18188 was published May 14, 2022

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local,...
Moderate | Unreviewed | CVE-2018-1063 was published May 14, 2022

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
Moderate | Unreviewed | CVE-2018-4112 was published May 14, 2022