GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
            Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
443 advisories

In connsyslogger, there is a possible symbolic link following due to improper link resolution....
Moderate | Unreviewed | CVE-2022-20050 was published Mar 11, 2022

GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of...
Moderate | Unreviewed | CVE-2011-0727 was published May 17, 2022

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify...
Moderate | Unreviewed | CVE-2011-0402 was published May 17, 2022

In mobile_log_d, there is a possible symbolic link following due to an improper link resolution....
Moderate | Unreviewed | CVE-2022-20068 was published Apr 12, 2022

Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem...
Moderate | Unreviewed | CVE-2015-5752 was published May 17, 2022

The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink...
Moderate | Unreviewed | CVE-2012-1093 was published Apr 23, 2022

The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate | Unreviewed | CVE-2005-0004 was published May 1, 2022

An issue in the handling of symlinks was addressed with improved validation. This issue is fixed...
Moderate | Unreviewed | CVE-2022-26688 was published May 27, 2022

sng_regress in SNG 1.0.2 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-6398 was published May 17, 2022

rlatex in AlcoveBook sgml2x 1.0.0 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-6397 was published May 17, 2022

A security vulnerability that can lead to local privilege escalation has been found in ’guix...
Moderate | Unreviewed | CVE-2021-27851 was published May 24, 2022

openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite...
Moderate | Unreviewed | CVE-2010-1693 was published May 17, 2022

Open redirect vulnerability in wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote...
Moderate | Unreviewed | CVE-2008-6762 was published May 17, 2022

The AcquireDaemonLock function in ipcdUnix.cpp in Sun Innotek VirtualBox before 2.0.6 allows...
Moderate | Unreviewed | CVE-2008-5256 was published May 17, 2022

passwdehd in libpam-mount 0.43 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-5138 was published May 17, 2022

bluetooth.rc in p3nfs 5.19 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-5154 was published May 17, 2022

trend-autoupdate.new in mailscanner 4.55.10 and other versions before 4.74.16-1 allows local...
Moderate | Unreviewed | CVE-2008-5140 was published May 17, 2022

redirect.pl in bk2site 1.1.9 allows local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4995 was published May 17, 2022

vdrleaktest in Video Disk Recorder (aka vdr-dbg or vdr) 1.6.0 allows local users to overwrite...
Moderate | Unreviewed | CVE-2008-4985 was published May 17, 2022

The (1) ncsarmt and (2) ncsawrap scripts in xmcd 2.6 allow local users to overwrite arbitrary...
Moderate | Unreviewed | CVE-2008-4994 was published May 17, 2022

ogle 0.9.2 and ogle-mmx 0.9.2 allow local users to overwrite arbitrary files via a symlink attack...
Moderate | Unreviewed | CVE-2008-4976 was published May 17, 2022

dtc 0.29.6 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp...
Moderate | Unreviewed | CVE-2008-4951 was published May 17, 2022

xmlfile.py in aptoncd 0.1 allows local users to overwrite arbitrary files via a symlink attack on...
Moderate | Unreviewed | CVE-2008-4940 was published May 17, 2022

mafft-homologs in mafft 6.240 allows local users to overwrite arbitrary files via a symlink...
Moderate | Unreviewed | CVE-2008-4971 was published May 17, 2022

i2myspell in myspell 3.1 allows local users to overwrite arbitrary files via a symlink attack on ...
Moderate | Unreviewed | CVE-2008-4973 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.