GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
981 advisories
Filter by severity
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite...
Low
Unreviewed
CVE-2008-0665
was published
May 1, 2022
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink...
Low
Unreviewed
CVE-2008-0666
was published
May 1, 2022
Open redirect vulnerability in htdocs/user.php in XOOPS 2.0.18 allows remote attackers to...
Moderate
Unreviewed
CVE-2008-0613
was published
May 1, 2022
PatchLink Update client for Unix, as used by Novell ZENworks Patch Management Update Agent for...
Moderate
Unreviewed
CVE-2008-0525
was published
May 1, 2022
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by...
Moderate
Unreviewed
CVE-2008-0167
was published
May 1, 2022
Linux kernel 2.6, when using vservers, allows local users to access resources of other vservers...
Moderate
Unreviewed
CVE-2008-0163
was published
May 1, 2022
Open redirect vulnerability in Menalto Gallery before 2.2.4 allows remote attackers to redirect...
Moderate
Unreviewed
CVE-2007-6692
was published
May 1, 2022
ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary...
Low
Unreviewed
CVE-2007-6595
was published
May 1, 2022
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2007-6208
was published
May 1, 2022
Audacity 1.3.2 creates a temporary directory with a predictable name without checking for...
Moderate
Unreviewed
CVE-2007-6061
was published
May 1, 2022
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2007-5940
was published
May 1, 2022
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2007-5839
was published
May 1, 2022
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new...
Moderate
Unreviewed
CVE-2007-5718
was published
May 1, 2022
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect...
Moderate
Unreviewed
CVE-2007-5695
was published
May 1, 2022
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix...
Moderate
Unreviewed
CVE-2007-5664
was published
May 1, 2022
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2007-5495
was published
May 1, 2022
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows...
Moderate
Unreviewed
CVE-2007-5437
was published
May 1, 2022
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10...
Moderate
Unreviewed
CVE-2007-5377
was published
May 1, 2022
guilt 0.27 allows local users to overwrite arbitrary files via a symlink attack on a guilt.log....
Low
Unreviewed
CVE-2007-5207
was published
May 1, 2022
hugin, as used on various operating systems including SUSE openSUSE 10.2 and 10.3, allows local...
Low
Unreviewed
CVE-2007-5200
was published
May 1, 2022
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user...
Moderate
Unreviewed
CVE-2007-4998
was published
May 1, 2022
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir...
Moderate
Unreviewed
CVE-2007-4652
was published
May 1, 2022
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1...
Moderate
Unreviewed
CVE-2007-4631
was published
May 1, 2022
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval...
Moderate
Unreviewed
CVE-2007-4224
was published
May 1, 2022
CoolKey 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on temporary...
Low
Unreviewed
CVE-2007-4129
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API