Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp... Moderate Unreviewed
CVE-2008-5157 was published May 17, 2022
Moodle vulnerable to symlink attack Moderate
CVE-2008-5153 was published for moodle/moodle (Composer) May 17, 2022
test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2008-5147 was published May 17, 2022
sample.sh in maildirsync 1.1 allows local users to append data to arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5150 was published May 17, 2022
inmail-show in mh-book 200605 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5152 was published May 17, 2022
bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5154 was published May 17, 2022
The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows... Moderate Unreviewed
CVE-2008-5256 was published May 17, 2022
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on ... Moderate Unreviewed
CVE-2008-5299 was published May 17, 2022
pdfjam creates the (1) pdf90, (2) pdfjoin, and (3) pdfnup files with a predictable name, which... Moderate Unreviewed
CVE-2008-5743 was published May 17, 2022
Sun SNMP Management Agent (SUNWmasf) 1.4u2 through 1.5.4 allows local users to overwrite... Moderate Unreviewed
CVE-2008-5746 was published May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12... Low Unreviewed
CVE-2008-5825 was published May 17, 2022
rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-6397 was published May 17, 2022
sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on... Moderate Unreviewed
CVE-2008-6398 was published May 17, 2022
Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote... Moderate Unreviewed
CVE-2008-6762 was published May 17, 2022
openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite... Moderate Unreviewed
CVE-2010-1693 was published May 17, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary... Low Unreviewed
CVE-2010-2053 was published May 17, 2022
ocrodjvu is vulnerable to Arbitrary File Modification via symlink attack Moderate
CVE-2010-4338 was published for ocrodjvu (pip) May 17, 2022
dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify... Moderate Unreviewed
CVE-2011-0402 was published May 17, 2022
The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete... Moderate Unreviewed
CVE-2011-0441 was published May 17, 2022
GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of... Moderate Unreviewed
CVE-2011-0727 was published May 17, 2022
The (1) bin/invscoutClient_VPD_Survey and (2) sbin/invscout_lsvpd programs in invscout.rte before... Moderate Unreviewed
CVE-2011-1384 was published May 17, 2022
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow... Low Unreviewed
CVE-2011-1920 was published May 17, 2022
Openstack DBaaS (Trove) Improper Link Resolution Before File Access Moderate
CVE-2015-3156 was published for trove (pip) May 17, 2022
The do_dump_data function in utils/opcontrol in OProfile 0.9.6 and earlier might allow local... Moderate Unreviewed
CVE-2011-2473 was published May 17, 2022
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite... Low Unreviewed
CVE-2011-2533 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database