GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
154 advisories
Filter by severity
The runtime linker in QNX Neutrino RTOS 6.5.0 before Service Pack 1 does not properly clear the...
Low
Unreviewed
CVE-2011-4060
was published
May 17, 2022
crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the...
Low
Unreviewed
CVE-2011-1073
was published
May 14, 2022
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2010-2027
was published
May 14, 2022
The GetHTMLRunDir function in the scan-build utility in Clang 3.5 and earlier allows local users...
Low
Unreviewed
CVE-2014-2893
was published
May 14, 2022
The _rl_tropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create...
Low
Unreviewed
CVE-2014-2524
was published
May 14, 2022
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary...
Low
Unreviewed
CVE-2015-7758
was published
May 14, 2022
GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows...
Low
Unreviewed
CVE-2015-4156
was published
May 14, 2022
syslogd in the syslog subsystem in Apple iOS before 8 and Apple TV before 7 allows local users to...
Low
Unreviewed
CVE-2014-4372
was published
May 14, 2022
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to...
Low
Unreviewed
CVE-2010-3691
was published
May 13, 2022
The changelog command in Apt before 1.0.9.2 allows local users to write to arbitrary files via a...
Low
Unreviewed
CVE-2014-7206
was published
May 13, 2022
The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink...
Low
Unreviewed
CVE-2011-1072
was published
May 13, 2022
The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a...
Low
Unreviewed
CVE-2011-1144
was published
May 13, 2022
The feh_unique_filename function in utils.c in feh 1.11.2 and earlier might allow local users to...
Low
Unreviewed
CVE-2011-1031
was published
May 13, 2022
The feh_unique_filename function in utils.c in feh before 1.11.2 might allow local users to...
Low
Unreviewed
CVE-2011-0702
was published
May 13, 2022
The LockServer function in os/utils.c in X.Org xserver before 1.11.2 allows local users to...
Low
Unreviewed
CVE-2011-4028
was published
May 13, 2022
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2...
Low
Unreviewed
CVE-2015-0794
was published
May 13, 2022
The PEAR_REST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to...
Low
Unreviewed
CVE-2014-5459
was published
May 13, 2022
Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3...
Low
Unreviewed
CVE-2013-4969
was published
May 13, 2022
systemd, when updating file permissions, allows local users to change the permissions and SELinux...
Low
Unreviewed
CVE-2013-4392
was published
May 13, 2022
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Low
Unreviewed
CVE-2013-4184
was published
May 5, 2022
The SPICE Firefox plug-in (spice-xpi) 2.4, 2.3, 2.2, and possibly other versions allows local...
Low
Unreviewed
CVE-2011-0012
was published
May 3, 2022
pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary...
Low
Unreviewed
CVE-2011-0007
was published
May 3, 2022
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite...
Low
Unreviewed
CVE-2009-5044
was published
May 3, 2022
The sort_offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite...
Low
Unreviewed
CVE-2005-3011
was published
May 3, 2022
Certain patch-installation scripts in Oracle Solaris allow local users to append data to...
Low
Unreviewed
CVE-2010-1183
was published
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API