GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,002 advisories
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web...
Moderate severity, Unreviewed. CVE-2007-2978 was published May 1, 2022
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users...
Moderate severity, Unreviewed. CVE-2007-1027 was published May 1, 2022
openexec in OpenBase SQL before 10.0.1 allows local users to create arbitrary files via a symlink...
Low severity, Unreviewed. CVE-2006-5851 was published May 1, 2022
rm_mlcache_file in bos.rte.install in AIX 5.1.0 through 5.3.0 allows local users to overwrite...
Low severity, Unreviewed. CVE-2006-1247 was published May 1, 2022
GNU Gnump3d before 2.9.8 allows local users to modify or delete arbitrary files via a symlink...
Low severity, Unreviewed. CVE-2005-3349 was published May 1, 2022
The (1) kantiword (kantiword.sh) and (2) gantiword (gantiword.sh) scripts in antiword 0.35 and...
Low severity, Unreviewed. CVE-2005-3126 was published May 1, 2022
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows...
Moderate severity, Unreviewed. CVE-2005-2714 was published May 1, 2022
Race condition in Java 1.4.2 before 1.4.2 Release 2 on Apple Mac OS X allows local users to...
Low severity, Unreviewed. CVE-2005-2527 was published May 1, 2022
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files...
Low severity, Unreviewed. CVE-2005-1916 was published May 1, 2022
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low severity, Unreviewed. CVE-2005-1879 was published May 1, 2022
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low severity, Unreviewed. CVE-2005-1880 was published May 1, 2022
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is...
Low severity, Unreviewed. CVE-2005-0824 was published May 1, 2022
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite...
Low severity, Unreviewed. CVE-2005-0587 was published May 1, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate severity, Unreviewed. CVE-2005-0004 was published May 1, 2022
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a...
High severity, Unreviewed. CVE-2002-2382 was published Apr 30, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and...
Moderate severity, Unreviewed. CVE-2002-2323 was published Apr 30, 2022
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow...
Moderate severity, Unreviewed. CVE-2002-0793 was published Apr 30, 2022
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage...
Moderate severity, Unreviewed. CVE-2002-0725 was published Apr 30, 2022
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user...
Low severity, Unreviewed. CVE-2001-1593 was published Apr 30, 2022
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary...
Low severity, Unreviewed. CVE-2001-1494 was published Apr 30, 2022
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends...
Moderate severity, Unreviewed. CVE-2001-1386 was published Apr 30, 2022
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via...
Low severity, Unreviewed. CVE-2001-1378 was published Apr 30, 2022
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by...
Moderate severity, Unreviewed. CVE-2001-1043 was published Apr 30, 2022
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by...
Moderate severity, Unreviewed. CVE-2001-1042 was published Apr 30, 2022
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite...
Low severity, Unreviewed. CVE-2001-0131 was published Apr 30, 2022