GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,614
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,638
Maven 6,105
npm 4,264
NuGet 760
pip 4,060
Pub 12
RubyGems 956
Rust 1,056
Swift 45

Unreviewed advisories

All unreviewed 277,015

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,201 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users... Moderate Unreviewed

CVE-2007-1027 was published May 1, 2022

A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run... Low Unreviewed

CVE-2020-14367 was published May 24, 2022

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file... Moderate Unreviewed

CVE-2022-2898 was published Sep 1, 2022

openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink... Low Unreviewed

CVE-2006-5851 was published May 1, 2022

Measuresoft ScadaPro Server and Client (All Versions) do not properly resolve links before file... High Unreviewed

CVE-2022-2897 was published Sep 1, 2022

rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite... Low Unreviewed

CVE-2006-1247 was published May 1, 2022

GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink... Low Unreviewed

CVE-2005-3349 was published May 1, 2022

passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows... Moderate Unreviewed

CVE-2005-2714 was published May 1, 2022

Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to... Low Unreviewed

CVE-2005-2527 was published May 1, 2022

The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and... Low Unreviewed

CVE-2005-3126 was published May 1, 2022

In vow, there is a possible information disclosure due to a symbolic link following. This could... Moderate Unreviewed

CVE-2022-26456 was published Sep 7, 2022

Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed

CVE-2022-44747 was published Nov 8, 2022

A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory,... High Unreviewed

CVE-2019-3694 was published May 24, 2022

UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE SUSE Linux... High Unreviewed

CVE-2019-18898 was published May 24, 2022

cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a... High Unreviewed

CVE-2002-2382 was published Apr 30, 2022

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11,... High Unreviewed

CVE-2019-3693 was published May 24, 2022

The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user... Low Unreviewed

CVE-2001-1593 was published Apr 30, 2022

fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via... Low Unreviewed

CVE-2001-1378 was published Apr 30, 2022

DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite... Low Unreviewed

CVE-2000-0715 was published Apr 30, 2022

htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite... Low Unreviewed

CVE-2001-0131 was published Apr 30, 2022

Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service ... High Unreviewed

CVE-1999-1593 was published Apr 30, 2022

wmFrog weather monitor 0.1.6 and other versions before 0.2.0 allows local users to overwrite... Low Unreviewed

CVE-2004-2473 was published Apr 29, 2022

In WIBU CodeMeter Runtime before 7.30a, creating a crafted CmDongles symbolic link will overwrite... High Unreviewed

CVE-2021-41057 was published May 24, 2022

Improper Link Resolution Before File Access ('Link Following') vulnerability in the EPAG... Moderate Unreviewed

CVE-2021-3641 was published May 24, 2022

A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro... High Unreviewed

CVE-2022-40143 was published Sep 20, 2022

Previous 1…36…49 Next

Previous 1 2 … 34 35 36 37 38 … 48 49 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,201 advisories