GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
155 advisories
Filter by severity
Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Low
Unreviewed
CVE-2013-4184
was published
May 5, 2022
Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers,...
Low
Unreviewed
CVE-2003-1233
was published
Apr 29, 2022
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode...
Low
Unreviewed
CVE-2003-0844
was published
Apr 29, 2022
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite...
Low
Unreviewed
CVE-2005-0587
was published
May 1, 2022
LutelWall 0.97 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low
Unreviewed
CVE-2005-1879
was published
May 1, 2022
The internal_dump function in Mathopd before 1.5p5, and 1.6x before 1.6b6 BETA, when Mathopd is...
Low
Unreviewed
CVE-2005-0824
was published
May 1, 2022
linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files...
Low
Unreviewed
CVE-2005-1916
was published
May 1, 2022
Perl 5.004_04 and earlier follows symbolic links when running with the -e option, which allows...
Low
Unreviewed
CVE-1999-1386
was published
Apr 30, 2022
everybuddy 0.4.3 and earlier allows local users to overwrite arbitrary files via a symlink attack...
Low
Unreviewed
CVE-2005-1880
was published
May 1, 2022
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red...
Low
Unreviewed
CVE-2004-0217
was published
Apr 29, 2022
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2001-1494
was published
Apr 30, 2022
Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an...
Low
Unreviewed
CVE-2000-1178
was published
Apr 30, 2022
HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a...
Low
Unreviewed
CVE-2000-0972
was published
Apr 30, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16851
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16853
was published
May 24, 2022
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete...
Low
Unreviewed
CVE-2023-23697
was published
Feb 13, 2023
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary...
Low
Unreviewed
CVE-2023-24572
was published
Feb 13, 2023
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron)...
Low
Unreviewed
CVE-2010-0424
was published
May 2, 2022
fuse 2.8.5 and earlier does not properly handle when /etc/mtab cannot be updated, which allows...
Low
Unreviewed
CVE-2011-0541
was published
May 17, 2022
iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a...
Low
Unreviewed
CVE-2012-1088
was published
May 17, 2022
The send_data_to_stdout function in prnt/hpijs/hpcupsfax.cpp in HP Linux Imaging and Printing ...
Low
Unreviewed
CVE-2011-2722
was published
May 17, 2022
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool ...
Low
Unreviewed
CVE-2015-5273
was published
May 17, 2022
The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files...
Low
Unreviewed
CVE-2014-3537
was published
May 17, 2022
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly ...
Low
Unreviewed
CVE-2008-4579
was published
May 2, 2022
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory...
Low
Unreviewed
CVE-2020-6012
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API