Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,082 advisories

Loading
getipacctg in rancid 2.3.2~a8 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-4979 was published May 17, 2022
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite... Low Unreviewed
CVE-2010-2192 was published May 17, 2022
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a... Low Unreviewed
CVE-2010-2056 was published May 17, 2022
The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files... Low Unreviewed
CVE-2010-2794 was published May 17, 2022
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp,... Low Unreviewed
CVE-2010-4173 was published May 17, 2022
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite... Moderate Unreviewed
CVE-2008-5313 was published May 17, 2022
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite... Moderate Unreviewed
CVE-2008-5312 was published May 17, 2022
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2008-4639 was published May 17, 2022
hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink... Low Unreviewed
CVE-2011-3204 was published May 17, 2022
The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to... Moderate Unreviewed
CVE-2011-3616 was published May 17, 2022
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330... Moderate Unreviewed
CVE-2011-1004 was published May 17, 2022
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2010-4337 was published May 17, 2022
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users... Low Unreviewed
CVE-2012-4676 was published May 17, 2022
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file... Low Unreviewed
CVE-2012-0808 was published May 17, 2022
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary... Low Unreviewed
CVE-2011-5146 was published May 17, 2022
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is... Low Unreviewed
CVE-2011-4363 was published May 17, 2022
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2008-5142 was published May 17, 2022
si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via... Moderate Unreviewed
CVE-2008-5156 was published May 17, 2022
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows... Low Unreviewed
CVE-2012-6348 was published May 17, 2022
android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files... Low Unreviewed
CVE-2012-5564 was published May 17, 2022
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, ... Moderate Unreviewed
CVE-2013-1423 was published May 17, 2022
Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation... High Unreviewed
CVE-2013-0927 was published May 17, 2022
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb###... Moderate Unreviewed
CVE-2008-5374 was published May 17, 2022
The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to... Low Unreviewed
CVE-2010-2431 was published May 17, 2022
bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to... Low Unreviewed
CVE-2013-3368 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database