Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2010-2027 was published May 14, 2022
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x... Moderate Unreviewed
CVE-2010-3847 was published May 14, 2022
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to... Moderate Unreviewed
CVE-2008-4990 was published May 14, 2022
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows... High Unreviewed
CVE-2008-5394 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a... Moderate Unreviewed
CVE-2008-6759 was published May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an... Moderate Unreviewed
CVE-2008-6760 was published May 14, 2022
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write... Moderate Unreviewed
CVE-2015-5700 was published May 14, 2022
Denial of service via crafting malicious link and sending it to a privileged user can cause... High Unreviewed
CVE-2018-15351 was published May 14, 2022
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4... Moderate Unreviewed
CVE-2011-0754 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10... Moderate Unreviewed
CVE-2016-7619 was published May 14, 2022
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2011-0460 was published May 14, 2022
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and... Moderate Unreviewed
CVE-2011-0461 was published May 14, 2022
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users... Low Unreviewed
CVE-2014-2893 was published May 14, 2022
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create... Low Unreviewed
CVE-2014-2524 was published May 14, 2022
eyeD3 is vulnerable to arbitrary file modification via symlink attack Moderate
CVE-2014-1934 was published for eyeD3 (pip) May 14, 2022
Improper Link Resolution Before File Access in logilab-commons High
CVE-2014-1838 was published for logilab-common (pip) May 14, 2022
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary... Low Unreviewed
CVE-2015-7758 was published May 14, 2022
GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows... Low Unreviewed
CVE-2015-4156 was published May 14, 2022
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a... Moderate Unreviewed
CVE-2015-1196 was published May 14, 2022
The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and... High Unreviewed
CVE-2018-6557 was published May 14, 2022
base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the... High Unreviewed
CVE-2016-9566 was published May 14, 2022
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows... High Unreviewed
CVE-2019-8372 was published May 14, 2022
Phusion Passenger SpawningKit Contains Arbitrary Read/Write Vulnerability Critical
CVE-2018-12026 was published for passenger (RubyGems) May 14, 2022
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local... Moderate Unreviewed
CVE-2014-1272 was published May 14, 2022
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to... Low Unreviewed
CVE-2014-4372 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database