Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

507 advisories

Loading
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path... High Unreviewed
CVE-2018-6954 was published May 13, 2022
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on... High Unreviewed
CVE-2017-18078 was published May 13, 2022
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink... High Unreviewed
CVE-2018-10928 was published May 13, 2022
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with... High Unreviewed
CVE-2017-2916 was published May 13, 2022
Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for... High Unreviewed
CVE-2022-23742 was published May 13, 2022
An improper link resolution before file access ('Link Following') vulnerability has been reported... High Unreviewed
CVE-2021-44052 was published May 6, 2022
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1... High Unreviewed
CVE-2013-0159 was published May 5, 2022
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs... High Unreviewed
CVE-2004-0967 was published May 3, 2022
fence_manual, as used in fence 2.02.00-r1 and possibly cman, allows local users to modify... High Unreviewed
CVE-2008-4580 was published May 2, 2022
qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite... High Unreviewed
CVE-2008-4553 was published May 2, 2022
ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary... High Unreviewed
CVE-2008-4475 was published May 2, 2022
alert.d/test.alert in mon 0.99.2 allows local users to overwrite arbitrary files via a symlink... High Unreviewed
CVE-2008-4477 was published May 2, 2022
freeradius-dialupadmin in freeradius 2.0.4 allows local users to overwrite arbitrary files via a... High Unreviewed
CVE-2008-4474 was published May 2, 2022
The to-upgrade plugin in feta 1.4.16 allows local users to overwrite arbitrary files via a... High Unreviewed
CVE-2008-4440 was published May 2, 2022
A certain Debian patch to the run scripts for sabre (aka xsabre) 0.2.4b allows local users to... High Unreviewed
CVE-2008-4406 was published May 2, 2022
Tools/faqwiz/move-faqwiz.sh (aka the generic FAQ wizard moving tool) in Python 2.4.5 might allow... High Unreviewed
CVE-2008-4108 was published May 2, 2022
genmsgidx in Tiger 3.2.2 allows local users to overwrite or delete arbitrary files via a symlink... High Unreviewed
CVE-2008-3927 was published May 2, 2022
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink... High Unreviewed
CVE-2008-3929 was published May 2, 2022
configvar in Caudium 1.4.12 allows local users to overwrite arbitrary files via a symlink attack... High Unreviewed
CVE-2008-3883 was published May 2, 2022
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900... High Unreviewed
CVE-2008-3521 was published May 2, 2022
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact... High Unreviewed
CVE-2008-3329 was published May 1, 2022
Joomla! Open Redirect vulnerability High
CVE-2008-3227 was published for joomla/framework (Composer) May 1, 2022
Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote... High Unreviewed
CVE-2008-2311 was published May 1, 2022
aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the... High Unreviewed
CVE-2008-1901 was published May 1, 2022
expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows... High Unreviewed
CVE-2008-1078 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database