GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
411 advisories
Filter by severity
The DataLoader::doStart function in dataloader.cpp in QGit 1.5.6 and other versions up to 2pre1...
Moderate
Unreviewed
CVE-2007-4631
was published
May 1, 2022
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval...
Moderate
Unreviewed
CVE-2007-4224
was published
May 1, 2022
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary...
Moderate
Unreviewed
CVE-2007-3919
was published
May 1, 2022
The main function in skkdic-expr.c in SKK Tools 1.2 allows local users to overwrite or delete...
Moderate
Unreviewed
CVE-2007-3916
was published
May 1, 2022
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow...
Moderate
Unreviewed
CVE-2007-3103
was published
May 1, 2022
Session fixation vulnerability in eggblog 3.1.0 and earlier allows remote attackers to hijack web...
Moderate
Unreviewed
CVE-2007-2978
was published
May 1, 2022
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users...
Moderate
Unreviewed
CVE-2007-1027
was published
May 1, 2022
passwd in Directory Services in Mac OS X 10.3.x before 10.3.9 and 10.4.x before 10.4.5 allows...
Moderate
Unreviewed
CVE-2005-2714
was published
May 1, 2022
The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and...
Moderate
Unreviewed
CVE-2005-0004
was published
May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and...
Moderate
Unreviewed
CVE-2002-2323
was published
Apr 30, 2022
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow...
Moderate
Unreviewed
CVE-2002-0793
was published
Apr 30, 2022
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage...
Moderate
Unreviewed
CVE-2002-0725
was published
Apr 30, 2022
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends...
Moderate
Unreviewed
CVE-2001-1386
was published
Apr 30, 2022
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by...
Moderate
Unreviewed
CVE-2001-1043
was published
Apr 30, 2022
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by...
Moderate
Unreviewed
CVE-2001-1042
was published
Apr 30, 2022
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as ...
Moderate
Unreviewed
CVE-2000-0342
was published
Apr 30, 2022
Internet Explorer 5.01 and earlier allows a remote attacker to create a reference to a client...
Moderate
Unreviewed
CVE-1999-0981
was published
Apr 30, 2022
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
Moderate
Unreviewed
CVE-1999-0794
was published
Apr 30, 2022
FreeBSD allows local users to conduct a denial of service by creating a hard link from a device...
Moderate
Unreviewed
CVE-1999-0783
was published
Apr 30, 2022
Portage before 2.0.50-r3 allows local users to overwrite arbitrary files via a hard link attack...
Moderate
Unreviewed
CVE-2004-1901
was published
Apr 29, 2022
cPanel 9.4.1-RELEASE-64 follows hard links, which allows local users to (1) read arbitrary files...
Moderate
Unreviewed
CVE-2004-1603
was published
Apr 29, 2022
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations,...
Moderate
Unreviewed
CVE-2004-0689
was published
Apr 29, 2022
Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a...
Moderate
Unreviewed
CVE-2003-1492
was published
Apr 29, 2022
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root,...
Moderate
Unreviewed
CVE-2003-0578
was published
Apr 29, 2022
Linksys MR9600 devices before 2.0.5 allow attackers to read arbitrary files via a symbolic link...
Moderate
Unreviewed
CVE-2022-24372
was published
Apr 28, 2022
ProTip!
Advisories are also available from the
GraphQL API