GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
394 advisories
Filter by severity
The printing process can bypass local access protections to read files available through symlinks...
Moderate
Unreviewed
CVE-2018-5107
was published
May 14, 2022
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write...
Moderate
Unreviewed
CVE-2014-4150
was published
May 14, 2022
Check_MK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a...
Moderate
Unreviewed
CVE-2014-0243
was published
May 14, 2022
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files...
Moderate
Unreviewed
CVE-2008-5373
was published
May 14, 2022
elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x...
Moderate
Unreviewed
CVE-2010-3847
was published
May 14, 2022
Enomaly Elastic Computing Platform (ECP), formerly Enomalism, before 2.1.1 allows local users to...
Moderate
Unreviewed
CVE-2008-4990
was published
May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via a...
Moderate
Unreviewed
CVE-2008-6759
was published
May 14, 2022
ViArt Shop (aka Shopping Cart) 3.5 allows remote attackers to obtain sensitive information via an...
Moderate
Unreviewed
CVE-2008-6760
was published
May 14, 2022
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write...
Moderate
Unreviewed
CVE-2015-5700
was published
May 14, 2022
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4...
Moderate
Unreviewed
CVE-2011-0754
was published
May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10...
Moderate
Unreviewed
CVE-2016-7619
was published
May 14, 2022
/etc/init.d/boot.localfs in the aaa_base package before 11.2-43.48.1 in SUSE openSUSE 11.2, and...
Moderate
Unreviewed
CVE-2011-0461
was published
May 14, 2022
The init script in kbd, possibly 1.14.1 and earlier, allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2011-0460
was published
May 14, 2022
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a...
Moderate
Unreviewed
CVE-2015-1196
was published
May 14, 2022
CrashHouseKeeping in Crash Reporting in Apple iOS before 7.1 and Apple TV before 6.1 allows local...
Moderate
Unreviewed
CVE-2014-1272
was published
May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10...
Moderate
Unreviewed
CVE-2016-4679
was published
May 14, 2022
OpenFabrics ibutils 1.5.7 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate
Unreviewed
CVE-2013-2561
was published
May 14, 2022
The (1) tomcat5, (2) tomcat6, and (3) tomcat7 init scripts, as used in the RPM distribution of...
Moderate
Unreviewed
CVE-2013-1976
was published
May 14, 2022
In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an...
Moderate
Unreviewed
CVE-2018-19638
was published
May 14, 2022
Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local...
Moderate
Unreviewed
CVE-2018-19637
was published
May 14, 2022
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2015-1331
was published
May 14, 2022
keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file...
Moderate
Unreviewed
CVE-2018-19044
was published
May 14, 2022
ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user...
Moderate
Unreviewed
CVE-2017-7418
was published
May 14, 2022
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is...
Moderate
Unreviewed
CVE-2018-6198
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10...
Moderate
Unreviewed
CVE-2017-2390
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API