Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,196 advisories

Loading
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to... Low Unreviewed
CVE-2011-4028 was published May 13, 2022
NVIDIA Windows GPU Display driver contains a vulnerability in the 3D vision component in which... High Unreviewed
CVE-2019-5665 was published May 13, 2022
NVIDIA GeForce Experience before 3.18 contains a vulnerability when ShadowPlay or GameStream is... High Unreviewed
CVE-2019-5674 was published May 13, 2022
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed
CVE-2019-0841 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly... High Unreviewed
CVE-2019-0572 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly... High Unreviewed
CVE-2019-0574 was published May 13, 2022
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function... Moderate Unreviewed
CVE-2018-14335 was published May 13, 2022
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory... High Unreviewed
CVE-2018-12015 was published May 13, 2022
Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS... High Unreviewed
CVE-2018-11637 was published May 13, 2022
RubyGems Link Following vulnerability High
CVE-2018-1000073 was published for org.jruby:jruby-stdlib (RubyGems) May 13, 2022
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2... Low Unreviewed
CVE-2015-0794 was published May 13, 2022
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the... High Unreviewed
CVE-2019-8455 was published May 13, 2022
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14;... High Unreviewed
CVE-2016-6664 was published May 13, 2022
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary... Moderate Unreviewed
CVE-2010-3879 was published May 13, 2022
Improper Link Resolution Before File Access in pip Moderate
CVE-2013-1888 was published for pip (pip) May 13, 2022
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to... Low Unreviewed
CVE-2014-5459 was published May 13, 2022
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when... High Unreviewed
CVE-2017-7501 was published May 13, 2022
instack-undercloud vulnerable to symlink attack on tmp files Moderate
CVE-2017-7549 was published for instack-undercloud (pip) May 13, 2022
libodm.a in IBM AIX 6.1 and 7.1, and VIOS 2.2.x, allows local users to overwrite arbitrary files... Moderate Unreviewed
CVE-2014-3977 was published May 13, 2022
A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to... High Unreviewed
CVE-2018-10897 was published May 13, 2022
The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6... High Unreviewed
CVE-2016-1247 was published May 13, 2022
In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the... Moderate Unreviewed
CVE-2017-9525 was published May 13, 2022
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3... Low Unreviewed
CVE-2013-4969 was published May 13, 2022
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd,... Moderate Unreviewed
CVE-2012-0871 was published May 13, 2022
systemd, when updating file permissions, allows local users to change the permissions and SELinux... Low Unreviewed
CVE-2013-4392 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database