GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
385 advisories
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100...
High | Unreviewed | CVE-2019-9949 was published May 24, 2022

Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R)...
High | Unreviewed | CVE-2019-0086 was published May 24, 2022

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security...
High | Unreviewed | CVE-2019-8454 was published May 24, 2022

In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX...
High | Unreviewed | CVE-2019-11538 was published May 24, 2022

snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid...
High | Unreviewed | CVE-2019-11502 was published May 24, 2022

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing...
High | Unreviewed | CVE-2019-11503 was published May 24, 2022

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point...
High | Unreviewed | CVE-2019-8452 was published May 24, 2022

In Checkmk before 1.6.0p29, 2.x before 2.0.0p25, and 2.1.x before 2.1.0b10, a site user can...
High | Unreviewed | CVE-2022-31258 was published May 21, 2022

mail2sms.sh in smsclient 2.0.8z allows local users to overwrite arbitrary files via a symlink...
High | Unreviewed | CVE-2008-5155 was published May 17, 2022

src/unit_test.c in gpsdrive (aka gpsdrive-scripts) 2.10~pre4 might allow local users to overwrite...
High | Unreviewed | CVE-2008-5704 was published May 17, 2022

Google Chrome OS before 26.0.1410.57 relies on a Pango pango-utils.c read_config implementation...
High | Unreviewed | CVE-2013-0927 was published May 17, 2022

The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to...
High | Unreviewed | CVE-2015-1130 was published May 17, 2022

kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk...
High | Unreviewed | CVE-2015-1338 was published May 17, 2022

zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain...
High | Unreviewed | CVE-2015-6566 was published May 17, 2022

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to...
High | Unreviewed | CVE-2016-6253 was published May 17, 2022

Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2008-4694 was published May 17, 2022

Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to...
High | Unreviewed | CVE-2015-5705 was published May 17, 2022

The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in...
High | Unreviewed | CVE-2016-1255 was published May 17, 2022

Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link...
High | Unreviewed | CVE-2022-30523 was published May 17, 2022

The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or...
High | Unreviewed | CVE-2016-3108 was published May 14, 2022

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package...
High | Unreviewed | CVE-2013-4364 was published May 14, 2022

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have...
High | Unreviewed | CVE-2015-3315 was published May 14, 2022

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary...
High | Unreviewed | CVE-2018-10380 was published May 14, 2022

In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges...
High | Unreviewed | CVE-2018-10722 was published May 14, 2022

The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6...
High | Unreviewed | CVE-2016-9774 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.