Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

155 advisories

Loading
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2009-0035 was published Apr 21, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local... Low Unreviewed
CVE-2020-7282 was published May 24, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary... Low Unreviewed
CVE-2010-2053 was published May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12... Low Unreviewed
CVE-2008-5825 was published May 17, 2022
senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2008-4937 was published May 17, 2022
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary... Low Unreviewed
CVE-2008-4908 was published May 17, 2022
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root... Low Unreviewed
CVE-2015-6927 was published May 17, 2022
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a... Low Unreviewed
CVE-2014-5029 was published May 17, 2022
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to... Low Unreviewed
CVE-2014-3981 was published May 17, 2022
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html... Low Unreviewed
CVE-2014-5030 was published May 17, 2022
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) -... Low Unreviewed
CVE-2015-4155 was published May 17, 2022
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a... Low Unreviewed
CVE-2014-4703 was published May 17, 2022
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in... Low Unreviewed
CVE-2013-4262 was published May 17, 2022
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges... Low Unreviewed
CVE-2013-7393 was published May 17, 2022
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary... Low Unreviewed
CVE-2014-3423 was published May 17, 2022
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary... Low Unreviewed
CVE-2014-3421 was published May 17, 2022
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite... Low Unreviewed
CVE-2014-3422 was published May 17, 2022
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary... Low Unreviewed
CVE-2014-3424 was published May 17, 2022
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a... Low Unreviewed
CVE-2015-0858 was published May 17, 2022
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to... Low Unreviewed
CVE-2010-5105 was published May 17, 2022
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android... Low Unreviewed
CVE-2013-6124 was published May 17, 2022
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files... Low Unreviewed
CVE-2014-3986 was published May 17, 2022
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary... Low Unreviewed
CVE-2014-3982 was published May 17, 2022
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on... Low Unreviewed
CVE-2013-4472 was published May 17, 2022
DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134... Low Unreviewed
CVE-2011-3154 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database