GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,148

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,201 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows... High Unreviewed

CVE-2008-5394 was published May 14, 2022

Denial of service via crafting malicious link and sending it to a privileged user can cause... High Unreviewed

CVE-2018-15351 was published May 14, 2022

/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and... Moderate Unreviewed

CVE-2011-0461 was published May 14, 2022

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary... Low Unreviewed

CVE-2015-7758 was published May 14, 2022

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a... Moderate Unreviewed

CVE-2015-1196 was published May 14, 2022

The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4... Moderate Unreviewed

CVE-2011-0754 was published May 14, 2022

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users... Low Unreviewed

CVE-2014-2893 was published May 14, 2022

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create... Low Unreviewed

CVE-2014-2524 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... Moderate Unreviewed

CVE-2016-7619 was published May 14, 2022

The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary... Moderate Unreviewed

CVE-2011-0460 was published May 14, 2022

GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows... Low Unreviewed

CVE-2015-4156 was published May 14, 2022

The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows... High Unreviewed

CVE-2019-8372 was published May 14, 2022

CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local... Moderate Unreviewed

CVE-2014-1272 was published May 14, 2022

syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to... Low Unreviewed

CVE-2014-4372 was published May 14, 2022

An improper link resolution flaw can occur while extracting an archive leading to changing modes,... High Unreviewed

CVE-2021-31566 was published Aug 24, 2022

An improper link resolution flaw while extracting an archive can lead to changing the access... High Unreviewed

CVE-2021-23177 was published Aug 24, 2022

Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple... High Unreviewed

CVE-2014-4480 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10... Moderate Unreviewed

CVE-2016-4679 was published May 14, 2022

OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed

CVE-2013-2561 was published May 14, 2022

In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an... Moderate Unreviewed

CVE-2018-19638 was published May 14, 2022

Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local... Moderate Unreviewed

CVE-2018-19637 was published May 14, 2022

The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of... Moderate Unreviewed

CVE-2013-1976 was published May 14, 2022

lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink... Moderate Unreviewed

CVE-2015-1331 was published May 14, 2022

lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to... High Unreviewed

CVE-2015-1335 was published May 14, 2022

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file... Moderate Unreviewed

CVE-2018-19044 was published May 14, 2022

Previous 1…28…49 Next

Previous 1 2 … 26 27 28 29 30 … 48 49 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,201 advisories