Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

372 advisories

Loading
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain... High Unreviewed
CVE-2015-6566 was published May 17, 2022
mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to... High Unreviewed
CVE-2016-6253 was published May 17, 2022
Unspecified vulnerability in Opera before 9.60 allows remote attackers to cause a denial of... High Unreviewed
CVE-2008-4694 was published May 17, 2022
Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to... High Unreviewed
CVE-2015-5705 was published May 17, 2022
The pg_ctlcluster script in postgresql-common package in Debian wheezy before 134wheezy5, in... High Unreviewed
CVE-2016-1255 was published May 17, 2022
Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link... High Unreviewed
CVE-2022-30523 was published May 17, 2022
The pulp-gen-nodes-certificate script in Pulp before 2.8.3 allows local users to leak the keys or... High Unreviewed
CVE-2016-3108 was published May 14, 2022
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package... High Unreviewed
CVE-2013-4364 was published May 14, 2022
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have... High Unreviewed
CVE-2015-3315 was published May 14, 2022
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary... High Unreviewed
CVE-2018-10380 was published May 14, 2022
In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges... High Unreviewed
CVE-2018-10722 was published May 14, 2022
The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6... High Unreviewed
CVE-2016-9774 was published May 14, 2022
An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs... High Unreviewed
CVE-2018-13054 was published May 14, 2022
AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. High Unreviewed
CVE-2015-7723 was published May 14, 2022
AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE:... High Unreviewed
CVE-2015-7724 was published May 14, 2022
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows... High Unreviewed
CVE-2008-5394 was published May 14, 2022
Denial of service via crafting malicious link and sending it to a privileged user can cause... High Unreviewed
CVE-2018-15351 was published May 14, 2022
The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and... High Unreviewed
CVE-2018-6557 was published May 14, 2022
The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes functionality that allows... High Unreviewed
CVE-2019-8372 was published May 14, 2022
Directory traversal vulnerability in afc in AppleFileConduit in Apple iOS before 8.1.3 and Apple... High Unreviewed
CVE-2014-4480 was published May 14, 2022
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and... High Unreviewed
CVE-2018-14651 was published May 14, 2022
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to... High Unreviewed
CVE-2015-1335 was published May 14, 2022
fish before 2.1.1 allows local users to write to arbitrary files via a symlink attack on (1) /tmp... High Unreviewed
CVE-2014-3219 was published May 13, 2022
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly... High Unreviewed
CVE-2017-8108 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10... High Unreviewed
CVE-2017-6981 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database