GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
162 advisories
Filter by severity
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2009-0035
was published
Apr 21, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2010-2053
was published
May 17, 2022
The SmartPoster implementation on the Nokia 6131 Near Field Communication (NFC) phone with 05.12...
Low
Unreviewed
CVE-2008-5825
was published
May 17, 2022
senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2008-4937
was published
May 17, 2022
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2008-4908
was published
May 17, 2022
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root...
Low
Unreviewed
CVE-2015-6927
was published
May 17, 2022
The web interface in CUPS 1.7.4 allows local users in the lp group to read arbitrary files via a...
Low
Unreviewed
CVE-2014-5029
was published
May 17, 2022
acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to...
Low
Unreviewed
CVE-2014-3981
was published
May 17, 2022
CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html...
Low
Unreviewed
CVE-2014-5030
was published
May 17, 2022
GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) -...
Low
Unreviewed
CVE-2015-4155
was published
May 17, 2022
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a...
Low
Unreviewed
CVE-2014-4703
was published
May 17, 2022
svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in...
Low
Unreviewed
CVE-2013-4262
was published
May 17, 2022
The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges...
Low
Unreviewed
CVE-2013-7393
was published
May 17, 2022
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2014-3423
was published
May 17, 2022
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2014-3421
was published
May 17, 2022
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite...
Low
Unreviewed
CVE-2014-3422
was published
May 17, 2022
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2014-3424
was published
May 17, 2022
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a...
Low
Unreviewed
CVE-2015-0858
was published
May 17, 2022
The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to...
Low
Unreviewed
CVE-2010-5105
was published
May 17, 2022
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android...
Low
Unreviewed
CVE-2013-6124
was published
May 17, 2022
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files...
Low
Unreviewed
CVE-2014-3986
was published
May 17, 2022
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2014-3982
was published
May 17, 2022
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on...
Low
Unreviewed
CVE-2013-4472
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API