GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
154 advisories
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete...
Low
Unreviewed
CVE-2023-23697
was published
Feb 13, 2023
Dell Command | Integration Suite for System Center, versions before 6.4.0 contain an arbitrary...
Low
Unreviewed
CVE-2023-24572
was published
Feb 13, 2023
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential...
Low
Unreviewed
CVE-2021-21740
was published
May 24, 2022
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform...
Low
Unreviewed
CVE-2021-23239
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16853
was published
May 24, 2022
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application...
Low
Unreviewed
CVE-2020-16851
was published
May 24, 2022
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run...
Low
Unreviewed
CVE-2020-14367
was published
May 24, 2022
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory...
Low
Unreviewed
CVE-2020-6012
was published
May 24, 2022
Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local...
Low
Unreviewed
CVE-2020-7282
was published
May 24, 2022
Apport creates a world writable lock file with root ownership in the world writable /var/lock...
Low
Unreviewed
CVE-2020-8831
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server...
Low
Unreviewed
CVE-2020-8013
was published
May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb...
Low
Unreviewed
CVE-2019-18901
was published
May 24, 2022
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability....
Low
Unreviewed
CVE-2020-5324
was published
May 24, 2022
HP Linux Imaging and Printing (HPLIP) through 3.12.4 allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2013-0200
was published
May 17, 2022
The make_lockdir_name function in policy.c in pmount 0.9.18 allow local users to overwrite...
Low
Unreviewed
CVE-2010-2192
was published
May 17, 2022
GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a...
Low
Unreviewed
CVE-2010-2056
was published
May 17, 2022
The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files...
Low
Unreviewed
CVE-2010-2794
was published
May 17, 2022
The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp,...
Low
Unreviewed
CVE-2010-4173
was published
May 17, 2022
hammerhead.cc in Hammerhead 2.1.4 allows local users to write to arbitrary files via a symlink...
Low
Unreviewed
CVE-2011-3204
was published
May 17, 2022
The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink...
Low
Unreviewed
CVE-2010-4337
was published
May 17, 2022
The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users...
Low
Unreviewed
CVE-2012-4676
was published
May 17, 2022
as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file...
Low
Unreviewed
CVE-2012-0808
was published
May 17, 2022
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2011-5146
was published
May 17, 2022
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is...
Low
Unreviewed
CVE-2011-4363
was published
May 17, 2022
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows...
Low
Unreviewed
CVE-2012-6348
was published
May 17, 2022