Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

493 advisories

Loading
The printing process can bypass local access protections to read files available through symlinks... Moderate Unreviewed
CVE-2018-5107 was published May 14, 2022
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write... Moderate Unreviewed
CVE-2014-4150 was published May 14, 2022
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a... Moderate Unreviewed
CVE-2014-0243 was published May 14, 2022
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2008-5373 was published May 14, 2022
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x... Moderate Unreviewed
CVE-2010-3847 was published May 14, 2022
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to... Moderate Unreviewed
CVE-2008-4990 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an... Moderate Unreviewed
CVE-2008-6760 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a... Moderate Unreviewed
CVE-2008-6759 was published May 14, 2022
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write... Moderate Unreviewed
CVE-2015-5700 was published May 14, 2022
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4... Moderate Unreviewed
CVE-2011-0754 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... Moderate Unreviewed
CVE-2016-7619 was published May 14, 2022
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2011-0460 was published May 14, 2022
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and... Moderate Unreviewed
CVE-2011-0461 was published May 14, 2022
eyeD3 is vulnerable to arbitrary file modification via symlink attack Moderate
CVE-2014-1934 was published for eyeD3 (pip) May 14, 2022
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a... Moderate Unreviewed
CVE-2015-1196 was published May 14, 2022
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local... Moderate Unreviewed
CVE-2014-1272 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10... Moderate Unreviewed
CVE-2016-4679 was published May 14, 2022
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed
CVE-2013-2561 was published May 14, 2022
Improper Link Resolution Before File Access in Suds Moderate
CVE-2013-2217 was published for suds (pip) May 14, 2022
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of... Moderate Unreviewed
CVE-2013-1976 was published May 14, 2022
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an... Moderate Unreviewed
CVE-2018-19638 was published May 14, 2022
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local... Moderate Unreviewed
CVE-2018-19637 was published May 14, 2022
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink... Moderate Unreviewed
CVE-2015-1331 was published May 14, 2022
Puppet arbitrary file overwrite Moderate
CVE-2011-3869 was published for puppet (RubyGems) May 14, 2022
Puppet allows local users to modify the permissions of arbitrary files Moderate
CVE-2011-3870 was published for puppet (RubyGems) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database