GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,107
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,102
npm 3,634
NuGet 638
pip 3,249
Pub 10
RubyGems 867
Rust 819
Swift 35

Unreviewed advisories

All unreviewed 228,572

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

155 advisories

Filter by severity

Sort by

Least recently updated

The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the... Low Unreviewed

CVE-2011-4060 was published May 17, 2022

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the... Low Unreviewed

CVE-2011-1073 was published May 14, 2022

Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a... Low Unreviewed

CVE-2010-2027 was published May 14, 2022

The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users... Low Unreviewed

CVE-2014-2893 was published May 14, 2022

The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create... Low Unreviewed

CVE-2014-2524 was published May 14, 2022

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary... Low Unreviewed

CVE-2015-7758 was published May 14, 2022

GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows... Low Unreviewed

CVE-2015-4156 was published May 14, 2022

syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to... Low Unreviewed

CVE-2014-4372 was published May 14, 2022

PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to... Low Unreviewed

CVE-2010-3691 was published May 13, 2022

The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a... Low Unreviewed

CVE-2014-7206 was published May 13, 2022

The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed

CVE-2011-1072 was published May 13, 2022

The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a... Low Unreviewed

CVE-2011-1144 was published May 13, 2022

The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to... Low Unreviewed

CVE-2011-0702 was published May 13, 2022

The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to... Low Unreviewed

CVE-2011-1031 was published May 13, 2022

The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to... Low Unreviewed

CVE-2011-4028 was published May 13, 2022

modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2... Low Unreviewed

CVE-2015-0794 was published May 13, 2022

The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to... Low Unreviewed

CVE-2014-5459 was published May 13, 2022

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3... Low Unreviewed

CVE-2013-4969 was published May 13, 2022

systemd, when updating file permissions, allows local users to change the permissions and SELinux... Low Unreviewed

CVE-2013-4392 was published May 13, 2022

Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks Low Unreviewed

CVE-2013-4184 was published May 5, 2022

libs/updater.py in GoLismero 0.6.3, and other versions before Git revision 2b3bb43d6867, as used... Low Unreviewed

CVE-2012-0054 was published May 4, 2022

pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary... Low Unreviewed

CVE-2011-0007 was published May 3, 2022

The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local... Low Unreviewed

CVE-2011-0012 was published May 3, 2022

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite... Low Unreviewed

CVE-2009-5044 was published May 3, 2022

The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite... Low Unreviewed

CVE-2005-3011 was published May 3, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

155 advisories