Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
656
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

438 advisories

Loading
A vulnerability in the Cisco Application Framework component of the Cisco IOx application... Moderate Unreviewed
CVE-2020-3237 was published May 24, 2022
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an... Moderate Unreviewed
CVE-2020-3223 was published May 24, 2022
Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed... Moderate Unreviewed
CVE-2020-6477 was published May 24, 2022
UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE... Moderate Unreviewed
CVE-2019-3698 was published May 24, 2022
Kevin Backhouse discovered that apport would read a user-supplied configuration file with... Moderate Unreviewed
CVE-2019-11481 was published May 24, 2022
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports... Moderate Unreviewed
CVE-2015-3147 was published May 24, 2022
Dell Command Update versions prior to 3.1 contain an Arbitrary File Deletion Vulnerability. A... Moderate Unreviewed
CVE-2019-3750 was published May 24, 2022
The quarantine restoration function in Total Defense Anti-virus 11.5.2.28 is vulnerable to... Moderate Unreviewed
CVE-2019-18645 was published May 24, 2022
Podman Symlink Vulnerability Moderate
CVE-2019-18466 was published for github.com/containers/podman/v4 (Go) May 24, 2022
In Avast Antivirus before 19.4, a local administrator can trick the product into renaming... Moderate Unreviewed
CVE-2019-11230 was published May 24, 2022
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than... Moderate Unreviewed
CVE-2019-13636 was published May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper:... Moderate Unreviewed
CVE-2019-13229 was published May 24, 2022
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone... Moderate Unreviewed
CVE-2019-13227 was published May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to... Moderate Unreviewed
CVE-2019-13228 was published May 24, 2022
Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server Moderate
CVE-2022-24904 was published for github.com/argoproj/argo-cd/v2 (Go) May 23, 2022
crenshaw-dev tdunlap607
pscal in xcal 4.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp... Moderate Unreviewed
CVE-2008-4988 was published May 17, 2022
** DISPUTED ** postinst in twiki 4.1.2 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-4998 was published May 17, 2022
** DISPUTED ** dfxml-invoice in datafreedom-perl 0.1.7 allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2008-4997 was published May 17, 2022
** DISPUTED ** postfix_groups.pl in Postfix 2.5.2 allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2008-4977 was published May 17, 2022
** DISPUTED ** master-filter in printfilters-ppd 2.13 allows local users to overwrite arbitrary... Moderate Unreviewed
CVE-2008-5034 was published May 17, 2022
** DISPUTED ** init in initramfs-tools 0.92f allows local users to overwrite arbitrary files via... Moderate Unreviewed
CVE-2008-4996 was published May 17, 2022
test_parser.py in mayavi 1.5 allows local users to overwrite arbitrary files via a symlink attack... Moderate Unreviewed
CVE-2008-5151 was published May 17, 2022
add-accession-numbers in ctn 3.0.6 allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5146 was published May 17, 2022
** DISPUTED ** os-prober in os-prober 1.17 allows local users to overwrite arbitrary files via a... Moderate Unreviewed
CVE-2008-5135 was published May 17, 2022
sdm-login in sdm-terminal 0.4.0b allows local users to overwrite arbitrary files via a symlink... Moderate Unreviewed
CVE-2008-5372 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database