GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,201 advisories
The qmailscan plugin for Munin 1.4.5 allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2012-2103 was published May 17, 2022

This affects the package juce-framework/JUCE before 6.1.5. This vulnerability is triggered when a...
High | Unreviewed | CVE-2021-23521 was published Feb 8, 2022

IBM Advanced Settings Utility (ASU) through 3.62 and 3.70 through 9.21 and Bootable Media Creator...
Low | Unreviewed | CVE-2012-3329 was published May 17, 2022

welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via...
Low | Unreviewed | CVE-2012-5355 was published May 17, 2022

A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on...
High | Unreviewed | CVE-2021-45442 was published Jan 11, 2022

An improper link resolution before file access vulnerability exists in the Palo Alto Networks...
High | Unreviewed | CVE-2022-0012 was published Jan 13, 2022

(1) debian/postrm and (2) debian/localepurge.config in localepurge before 0.7.3.2 use tempfile to...
Low | Unreviewed | CVE-2014-1638 was published May 17, 2022

A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and...
High | Unreviewed | CVE-2021-44024 was published Jan 11, 2022

The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and...
High | Unreviewed | CVE-2018-6557 was published May 14, 2022

The Capture::Tiny module before 0.24 for Perl allows local users to write to arbitrary files via...
Low | Unreviewed | CVE-2014-1875 was published May 17, 2022

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other...
Moderate | Unreviewed | CVE-2014-4199 was published May 17, 2022

syncevo/installcheck-local.sh in syncevolution before 1.3.99.7 uses mktemp to create a safe...
Low | Unreviewed | CVE-2014-1639 was published May 17, 2022

axiom-test.sh in axiom 20100701-1.1 uses tempfile to create a safe temporary file but appends a...
Low | Unreviewed | CVE-2014-1640 was published May 17, 2022

The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the...
Low | Unreviewed | CVE-2011-4060 was published May 17, 2022

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a symlink vulnerability in the bittorrent...
Moderate | Unreviewed | CVE-2021-20153 was published Dec 31, 2021

php-fpm allows local users to write to or create arbitrary files via a symlink attack.
Moderate | Unreviewed | CVE-2015-3211 was published May 17, 2022

mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to...
Moderate | Unreviewed | CVE-2015-5701 was published May 17, 2022

p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
Moderate | Unreviewed | CVE-2015-1038 was published May 17, 2022

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to...
High | Unreviewed | CVE-2015-5705 was published May 17, 2022

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4993 was published May 17, 2022

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the...
Moderate | Unreviewed | CVE-2008-5377 was published May 17, 2022

Multiple open redirect vulnerabilities in AIST NetCat 3.12 and earlier allow remote attackers to...
Moderate | Unreviewed | CVE-2008-5742 was published May 17, 2022

The cTrigger::DoIt function in src/ctrigger.cpp in the trigger mechanism in the daemon in...
Moderate | Unreviewed | CVE-2008-5706 was published May 17, 2022

Red Hat Cluster Project 2.x allows local users to modify or overwrite arbitrary files via symlink...
Moderate | Unreviewed | CVE-2008-6552 was published May 17, 2022

IBM Spectrum Protect 7.1 and 8.1 could allow a local attacker to launch a symlink attack. IBM...
Moderate | Unreviewed | CVE-2017-1301 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.