Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,362
Erlang
33
GitHub Actions
22
Go
2,131
Maven
5,000+
npm
3,795
NuGet
686
pip
3,473
Pub
12
RubyGems
896
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

420 advisories

Loading
The e_hostname function in commands.c in BitchX 1.1a allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2007-5839 was published May 1, 2022
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new... Moderate Unreviewed
CVE-2007-5718 was published May 1, 2022
Open redirect vulnerability in command.php in SiteBar 3.3.8 allows remote attackers to redirect... Moderate Unreviewed
CVE-2007-5695 was published May 1, 2022
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix... Moderate Unreviewed
CVE-2007-5664 was published May 1, 2022
sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2007-5495 was published May 1, 2022
The web console in CA (formerly Computer Associates) eTrust ITM (Threat Manager) 8.1 allows... Moderate Unreviewed
CVE-2007-5437 was published May 1, 2022
The (1) tramp-make-temp-file and (2) tramp-make-tramp-temp-file functions in Tramp 2.1.10... Moderate Unreviewed
CVE-2007-5377 was published May 1, 2022
cp, when running with an option to preserve symlinks on multiple OSes, allows local, user... Moderate Unreviewed
CVE-2007-4998 was published May 1, 2022
The session extension in PHP before 5.2.4 might allow local users to bypass open_basedir... Moderate Unreviewed
CVE-2007-4652 was published May 1, 2022
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1... Moderate Unreviewed
CVE-2007-4631 was published May 1, 2022
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval... Moderate Unreviewed
CVE-2007-4224 was published May 1, 2022
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary... Moderate Unreviewed
CVE-2007-3919 was published May 1, 2022
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete... Moderate Unreviewed
CVE-2007-3916 was published May 1, 2022
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow... Moderate Unreviewed
CVE-2007-3103 was published May 1, 2022
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web... Moderate Unreviewed
CVE-2007-2978 was published May 1, 2022
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users... Moderate Unreviewed
CVE-2007-1027 was published May 1, 2022
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows... Moderate Unreviewed
CVE-2005-2714 was published May 1, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and... Moderate Unreviewed
CVE-2005-0004 was published May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and... Moderate Unreviewed
CVE-2002-2323 was published Apr 30, 2022
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow... Moderate Unreviewed
CVE-2002-0793 was published Apr 30, 2022
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage... Moderate Unreviewed
CVE-2002-0725 was published Apr 30, 2022
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends... Moderate Unreviewed
CVE-2001-1386 was published Apr 30, 2022
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by... Moderate Unreviewed
CVE-2001-1043 was published Apr 30, 2022
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by... Moderate Unreviewed
CVE-2001-1042 was published Apr 30, 2022
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as ... Moderate Unreviewed
CVE-2000-0342 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database