Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,082 advisories

Loading
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an... Moderate Unreviewed
CVE-2018-19638 was published May 14, 2022
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local... Moderate Unreviewed
CVE-2018-19637 was published May 14, 2022
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink... Moderate Unreviewed
CVE-2015-1331 was published May 14, 2022
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to... High Unreviewed
CVE-2015-1335 was published May 14, 2022
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file... Moderate Unreviewed
CVE-2018-19044 was published May 14, 2022
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user... Moderate Unreviewed
CVE-2017-7418 was published May 14, 2022
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp... High Unreviewed
CVE-2014-3219 was published May 13, 2022
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is... Moderate Unreviewed
CVE-2018-6198 was published May 13, 2022
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly... High Unreviewed
CVE-2017-8108 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10... High Unreviewed
CVE-2017-6981 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10... Moderate Unreviewed
CVE-2017-2390 was published May 13, 2022
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service... High Unreviewed
CVE-2015-0796 was published May 13, 2022
A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when... High Unreviewed
CVE-2016-8641 was published May 13, 2022
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure... Moderate Unreviewed
CVE-2016-9595 was published May 13, 2022
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A... High Unreviewed
CVE-2016-9602 was published May 13, 2022
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4... Critical Unreviewed
CVE-2017-1002101 was published May 13, 2022
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x... High Unreviewed
CVE-2017-12172 was published May 13, 2022
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2017-12258 was published May 13, 2022
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to... Moderate Unreviewed
CVE-2018-17955 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1780 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1781 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1... High Unreviewed
CVE-2018-1834 was published May 13, 2022
The main function in android_main.cpp in thermald allows local users to write to arbitrary files... Moderate Unreviewed
CVE-2014-2312 was published May 13, 2022
MySQL before 5.1.46 allows local users to delete the data and index files of another user's... Low Unreviewed
CVE-2010-1626 was published May 13, 2022
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha,... Moderate Unreviewed
CVE-2008-7247 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database