GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,029
Erlang
29
GitHub Actions
16
Go
1,832
Maven
5,000+
npm
3,573
NuGet
632
pip
3,158
Pub
10
RubyGems
847
Rust
797
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,776 advisories
Filter by severity
Buffer overflow in Linux autofs module through long directory names allows local users to perform...
Low
Unreviewed
CVE-1999-0460
was published
Apr 30, 2022
Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an...
Low
Unreviewed
CVE-1999-0446
was published
Apr 30, 2022
Solaris ff.core allows local users to modify files.
Low
Unreviewed
CVE-1999-0442
was published
Apr 30, 2022
talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose...
Low
Unreviewed
CVE-1999-0424
was published
Apr 30, 2022
64 bit Solaris 7 procfs allows local users to perform a denial of service.
Low
Unreviewed
CVE-1999-0417
was published
Apr 30, 2022
A race condition between the select() and accept() calls in NetBSD TCP servers allows remote...
Low
Unreviewed
CVE-1999-0396
was published
Apr 30, 2022
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
Low
Unreviewed
CVE-1999-0401
was published
Apr 30, 2022
Debian GNU/Linux cfengine package is susceptible to a symlink attack.
Low
Unreviewed
CVE-1999-0374
was published
Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot...
Low
Unreviewed
CVE-1999-0372
was published
Apr 30, 2022
Lynx allows a local user to overwrite sensitive files through /tmp symlinks.
Low
Unreviewed
CVE-1999-0371
was published
Apr 30, 2022
NetBSD netstat command allows local users to access kernel memory.
Low
Unreviewed
CVE-1999-0367
was published
Apr 30, 2022
The open() function in FreeBSD allows local attackers to write to arbitrary files.
Low
Unreviewed
CVE-1999-0322
was published
Apr 30, 2022
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry.
Low
Unreviewed
CVE-1999-0223
was published
Apr 30, 2022
Denial of service in syslog by sending it a large number of superfluous messages.
Low
Unreviewed
CVE-1999-0171
was published
Apr 30, 2022
Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the...
Low
Unreviewed
CVE-1999-0141
was published
Apr 30, 2022
Denial of service in Qmail by specifying a large number of recipients with the RCPT command.
Low
Unreviewed
CVE-1999-0144
was published
Apr 30, 2022
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and...
Low
Unreviewed
CVE-1999-0133
was published
Apr 30, 2022
Race condition in Linux mailx command allows local users to read user files.
Low
Unreviewed
CVE-1999-0123
was published
Apr 30, 2022
Expreserve, as used in vi and ex, allows local users to overwrite arbitrary files and gain root...
Low
Unreviewed
CVE-1999-0132
was published
Apr 30, 2022
finger allows recursive searches by using a long string of @ symbols.
Low
Unreviewed
CVE-1999-0105
was published
Apr 30, 2022
pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary...
Low
Unreviewed
CVE-1999-0078
was published
Apr 30, 2022
JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote...
Low
Unreviewed
CVE-1999-0031
was published
Apr 30, 2022
A NULL pointer dereference flaw was found in pesign's cms_set_pw_data() function of the...
Low
Unreviewed
CVE-2022-1249
was published
Apr 30, 2022
Shared Sun StorEdge QFS and SAM-QFS file systems, as used in Utilization Suite 4.0 through 4.1...
Low
Unreviewed
CVE-2004-2759
was published
Apr 29, 2022
ProTip!
Advisories are also available from the
GraphQL API