GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,100 advisories
The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders...
Low | Unreviewed | CVE-2001-0091 was published Apr 30, 2022

Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by...
Low | Unreviewed | CVE-2001-0105 was published Apr 30, 2022

dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2001-0069 was published Apr 30, 2022

in.mond in Sun Cluster 2.x allows local users to read arbitrary files via a symlink attack on the...
Low | Unreviewed | CVE-2001-0078 was published Apr 30, 2022

Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux,...
Low | Unreviewed | CVE-2001-0073 was published Apr 30, 2022

The installation of J-Pilot creates the .jpilot directory with the user's umask, which could...
Low | Unreviewed | CVE-2001-0067 was published Apr 30, 2022

gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which...
Low | Unreviewed | CVE-2001-0071 was published Apr 30, 2022

Mac OS Runtime for Java (MRJ) 2.2.3 allows remote attackers to use malicious applets to read...
Low | Unreviewed | CVE-2001-0068 was published Apr 30, 2022

Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via...
Low | Unreviewed | CVE-2001-0079 was published Apr 30, 2022

IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed...
Low | Unreviewed | CVE-2001-0052 was published Apr 30, 2022

APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users...
Low | Unreviewed | CVE-2001-0040 was published Apr 30, 2022

KTH Kerberos IV allows local users to overwrite arbitrary files via a symlink attack on a ticket...
Low | Unreviewed | CVE-2001-0036 was published Apr 30, 2022

Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service...
Low | Unreviewed | CVE-2001-0019 was published Apr 30, 2022

Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local...
Low | Unreviewed | CVE-2001-0020 was published Apr 30, 2022

The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2...
Low | Unreviewed | CVE-2000-1247 was published Apr 30, 2022

NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated...
Low | Unreviewed | CVE-2000-1246 was published Apr 30, 2022

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control...
Low | Unreviewed | CVE-2001-0006 was published Apr 30, 2022

qpopper POP server creates lock files with predictable names, which allows local users to cause a...
Low | Unreviewed | CVE-2000-1198 was published Apr 30, 2022

imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack...
Low | Unreviewed | CVE-2000-1190 was published Apr 30, 2022

Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an...
Low | Unreviewed | CVE-2000-1178 was published Apr 30, 2022

ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink...
Low | Unreviewed | CVE-2000-1162 was published Apr 30, 2022

StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp...
Low | Unreviewed | CVE-2000-1156 was published Apr 30, 2022

Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the...
Low | Unreviewed | CVE-2000-1142 was published Apr 30, 2022

Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the...
Low | Unreviewed | CVE-2000-1144 was published Apr 30, 2022

Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which...
Low | Unreviewed | CVE-2000-1141 was published Apr 30, 2022