GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
438 advisories
ioquake3 before r2253 allows local users to overwrite arbitrary files via a symlink attack on the...
Moderate
Unreviewed
CVE-2012-3345 was published May 17, 2022
In sound driver, there is a possible information disclosure due to symlink following. This could...
Moderate
Unreviewed
CVE-2022-21770 was published Jul 7, 2022
ppc64-diag 2.6.1 allows local users to overwrite arbitrary files via a symlink attack related to ...
Moderate
Unreviewed
CVE-2014-4038 was published May 17, 2022
The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local...
Moderate
Unreviewed
CVE-2015-5287 was published May 17, 2022
provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x...
Moderate
Unreviewed
CVE-2015-3436 was published May 17, 2022
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable...
Moderate
Unreviewed
CVE-2022-35631 was published Jul 30, 2022
pax 1:20140703 allows remote attackers to write to arbitrary files via a symlink attack in an...
Moderate
Unreviewed
CVE-2015-1194 was published May 17, 2022
The Read Mail module in Webmin 1.720 allows local users to read arbitrary files via a symlink...
Moderate
Unreviewed
CVE-2015-1377 was published May 17, 2022
The (1) mkxmltype and (2) mkdtskel scripts in XML-DT before 0.64 allow local users to overwrite...
Moderate
Unreviewed
CVE-2014-5260 was published May 17, 2022
The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to...
Moderate
Unreviewed
CVE-2013-4215 was published May 17, 2022
cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote...
Moderate
Unreviewed
CVE-2010-4226 was published May 17, 2022
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of...
Moderate
Unreviewed
CVE-2020-14004 was published May 24, 2022
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows...
Moderate
Unreviewed
CVE-2022-0029 was published Sep 15, 2022
GNOME Display Manager (gdm) before 2.21.1 allows local users to change permissions of arbitrary...
Moderate
Unreviewed
CVE-2013-4169 was published May 17, 2022
asr in Oracle Auto Service Request in Oracle Support Tools before 4.3.2 allows local users to...
Moderate
Unreviewed
CVE-2013-1495 was published May 17, 2022
(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, ...
Moderate
Unreviewed
CVE-2013-1423 was published May 17, 2022
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb###...
Moderate
Unreviewed
CVE-2008-5374 was published May 17, 2022
si_mkbootserver in systemimager-server 3.6.3 allows local users to overwrite arbitrary files via...
Moderate
Unreviewed
CVE-2008-5156 was published May 17, 2022
sendbug in freebsd-sendpr 3.113+5.3 on Debian GNU/Linux allows local users to overwrite arbitrary...
Moderate
Unreviewed
CVE-2008-5142 was published May 17, 2022
The FileUtils.remove_entry_secure method in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330...
Moderate
Unreviewed
CVE-2011-1004 was published May 17, 2022
The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to...
Moderate
Unreviewed
CVE-2011-3616 was published May 17, 2022
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files...
Moderate
Unreviewed
CVE-2008-4639 was published May 17, 2022
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite...
Moderate
Unreviewed
CVE-2008-5312 was published May 17, 2022
delqueueask in rccp 0.9 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate
Unreviewed
CVE-2008-4980 was published May 17, 2022
mkmailpost in newsgate 1.6 allows local users to overwrite arbitrary files via a symlink attack...
Moderate
Unreviewed
CVE-2008-4975 was published May 17, 2022