Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when... High Unreviewed
CVE-2016-8641 was published May 13, 2022
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure... Moderate Unreviewed
CVE-2016-9595 was published May 13, 2022
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A... High Unreviewed
CVE-2016-9602 was published May 13, 2022
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4... Critical Unreviewed
CVE-2017-1002101 was published May 13, 2022
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x... High Unreviewed
CVE-2017-12172 was published May 13, 2022
A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an... Moderate Unreviewed
CVE-2017-12258 was published May 13, 2022
In yast2-multipath before version 4.1.1 a static temporary filename allows local attackers to... Moderate Unreviewed
CVE-2018-17955 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1780 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1781 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1... High Unreviewed
CVE-2018-1834 was published May 13, 2022
The main function in android_main.cpp in thermald allows local users to write to arbitrary files... Moderate Unreviewed
CVE-2014-2312 was published May 13, 2022
sql/sql_table.cc in MySQL 5.0.x through 5.0.88, 5.1.x through 5.1.41, and 6.0 before 6.0.9-alpha,... Moderate Unreviewed
CVE-2008-7247 was published May 13, 2022
MySQL before 5.1.46 allows local users to delete the data and index files of another user's... Low Unreviewed
CVE-2010-1626 was published May 13, 2022
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to... Low Unreviewed
CVE-2010-3691 was published May 13, 2022
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a... Low Unreviewed
CVE-2014-7206 was published May 13, 2022
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2011-1072 was published May 13, 2022
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2011-1144 was published May 13, 2022
The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to... Low Unreviewed
CVE-2011-1031 was published May 13, 2022
The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to... Low Unreviewed
CVE-2011-0702 was published May 13, 2022
perltidy through 20160302, as used by perlcritic, check-all-the-things, and other software,... Moderate Unreviewed
CVE-2016-10374 was published May 13, 2022
Monkey HTTP Daemon 0.9.3 might allow local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2012-5303 was published May 13, 2022
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to... High Unreviewed
CVE-2017-15357 was published May 13, 2022
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows... Moderate Unreviewed
CVE-2014-8585 was published May 13, 2022
rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in... Moderate Unreviewed
CVE-2014-9512 was published May 13, 2022
The mountpoint_last function in fs/namei.c in the Linux kernel before 3.15.8 does not properly... Moderate Unreviewed
CVE-2014-5045 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database