GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,393

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,196 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote... Moderate Unreviewed

CVE-2010-4226 was published May 17, 2022

fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows... Low Unreviewed

CVE-2011-0541 was published May 17, 2022

The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify... Low Unreviewed

CVE-2014-0027 was published May 17, 2022

base/pkit.py in HP Linux Imaging and Printing (HPLIP) through 3.13.11 allows local users to... Low Unreviewed

CVE-2013-6402 was published May 17, 2022

lppasswd in CUPS before 1.7.1, when running with setuid privileges, allows local users to read... Low Unreviewed

CVE-2013-6891 was published May 17, 2022

dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary... Low Unreviewed

CVE-2011-3153 was published May 17, 2022

LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink... Low Unreviewed

CVE-2011-4105 was published May 17, 2022

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on... Low Unreviewed

CVE-2013-4472 was published May 17, 2022

DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134... Low Unreviewed

CVE-2011-3154 was published May 17, 2022

The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to... Moderate Unreviewed

CVE-2013-4215 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary... Low Unreviewed

CVE-2014-3982 was published May 17, 2022

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files... Low Unreviewed

CVE-2014-3986 was published May 17, 2022

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android... Low Unreviewed

CVE-2013-6124 was published May 17, 2022

The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite... Moderate Unreviewed

CVE-2014-5260 was published May 17, 2022

Improper Link Resolution Before File Access in Apache Hadoop Moderate

CVE-2014-3627 was published for org.apache.hadoop:hadoop-client (Maven) May 17, 2022

The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete... Moderate Unreviewed

CVE-2013-6456 was published May 17, 2022

pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an... Moderate Unreviewed

CVE-2015-1194 was published May 17, 2022

The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink... Moderate Unreviewed

CVE-2015-1377 was published May 17, 2022

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to... High Unreviewed

CVE-2015-1130 was published May 17, 2022

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk... High Unreviewed

CVE-2015-1338 was published May 17, 2022

The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to... Low Unreviewed

CVE-2010-5105 was published May 17, 2022

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain... High Unreviewed

CVE-2015-6566 was published May 17, 2022

Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a... Low Unreviewed

CVE-2015-0858 was published May 17, 2022

lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary... Low Unreviewed

CVE-2014-3424 was published May 17, 2022

lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary... Low Unreviewed

CVE-2014-3423 was published May 17, 2022

Previous 1…27…48 Next

Previous 1 2 … 25 26 27 28 29 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,196 advisories