GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
433 advisories
Kevin Backhouse discovered that apport would read a user-supplied configuration file with...
Moderate | Unreviewed | CVE-2019-11481 was published May 24, 2022

daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports...
Moderate | Unreviewed | CVE-2015-3147 was published May 24, 2022

Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A...
Moderate | Unreviewed | CVE-2019-3750 was published May 24, 2022

The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to...
Moderate | Unreviewed | CVE-2019-18645 was published May 24, 2022

Podman Symlink Vulnerability
Moderate | CVE-2019-18466 was published for github.com/containers/podman/v4 (Go) May 24, 2022

In Avast Antivirus before 19.4, a local administrator can trick the product into renaming...
Moderate | Unreviewed | CVE-2019-11230 was published May 24, 2022

In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than...
Moderate | Unreviewed | CVE-2019-13636 was published May 24, 2022

deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper:...
Moderate | Unreviewed | CVE-2019-13229 was published May 24, 2022

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone...
Moderate | Unreviewed | CVE-2019-13227 was published May 24, 2022

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to...
Moderate | Unreviewed | CVE-2019-13228 was published May 24, 2022

Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server
Moderate | CVE-2022-24904 was published for github.com/argoproj/argo-cd/v2 (Go) May 23, 2022

** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a...
Moderate | Unreviewed | CVE-2008-4998 was published May 17, 2022

pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp...
Moderate | Unreviewed | CVE-2008-4988 was published May 17, 2022

** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via...
Moderate | Unreviewed | CVE-2008-4996 was published May 17, 2022

** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2008-4977 was published May 17, 2022

** DISPUTED ** master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2008-5034 was published May 17, 2022

** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2008-4997 was published May 17, 2022

test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-5151 was published May 17, 2022

** DISPUTED ** os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a...
Moderate | Unreviewed | CVE-2008-5135 was published May 17, 2022

add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-5146 was published May 17, 2022

sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-5372 was published May 17, 2022

netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-5379 was published May 17, 2022

noip2 in noip2 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the ...
Moderate | Unreviewed | CVE-2008-5369 was published May 17, 2022

sch2eaglepos.sh in geda-gnetlist 1.4.0 allows local users to overwrite arbitrary files via a...
Moderate | Unreviewed | CVE-2008-5148 was published May 17, 2022

mgt-helper in multi-gnome-terminal 1.6.2 allows local users to overwrite arbitrary files via a...
Moderate | Unreviewed | CVE-2008-5143 was published May 17, 2022