GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
51 advisories
Filter by severity
Java Merge-sort Insecure Temporary File vulnerability
Moderate
CVE-2022-24913
was published
for
com.fasterxml.util:java-merge-sort
(Maven)
Jan 12, 2023
A Insecure Temporary File vulnerability in grub-once of grub2 in SUSE Linux Enterprise Server 15...
Moderate
Unreviewed
CVE-2021-46705
was published
Mar 17, 2022
A Insecure Temporary File vulnerability in cscreen of openSUSE Factory allows local attackers to...
Moderate
Unreviewed
CVE-2022-21945
was published
Mar 17, 2022
golang/go in 1.0.2 fixes all.bash on shared machines. dotest() in src/pkg/debug/gosym...
Critical
Unreviewed
CVE-2012-2666
was published
Apr 23, 2022
caml-light <= 0.75 uses mktemp() insecurely, and also does unsafe things in /tmp during make...
Critical
Unreviewed
CVE-2011-4119
was published
Apr 22, 2022
Insecure Temporary File in SWHKD
Critical
CVE-2022-27815
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Mar 31, 2022
Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot
High
CVE-2022-27772
was published
for
org.springframework.boot:spring-boot
(Maven)
Jul 11, 2022
A Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5,...
Low
Unreviewed
CVE-2021-25316
was published
May 24, 2022
ManyDesigns Portofino subject to creation of insecure temporary file
High
CVE-2022-3952
was published
for
com.manydesigns:portofino
(Maven)
Nov 11, 2022
A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this...
Moderate
Unreviewed
CVE-2022-3969
was published
Nov 13, 2022
A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS,...
Moderate
Unreviewed
CVE-2020-8027
was published
May 24, 2022
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows...
High
Unreviewed
CVE-2020-8032
was published
May 24, 2022
A vulnerability was found in pig-vector and classified as problematic. Affected by this issue is...
Moderate
Unreviewed
CVE-2022-4641
was published
Dec 22, 2022
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers...
Moderate
Unreviewed
CVE-2020-8030
was published
May 24, 2022
Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code
Moderate
CVE-2021-21430
was published
for
org.openapitools:openapi-generator
(Maven)
May 11, 2021
A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This...
High
Unreviewed
CVE-2022-4817
was published
Dec 28, 2022
Insecure temporary file used in com.squareup:connect
Low
CVE-2021-23331
was published
for
com.squareup:connect
(Maven)
Jun 16, 2021
Netflix/Priam: Temporary Directory Information Disclosure
Moderate
CVE-2021-28100
was published
for
com.netflix.priam:priam
(Maven)
Mar 30, 2021
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI Generator Maven plugin
Moderate
CVE-2021-21429
was published
for
org.openapitools:openapi-generator-maven-plugin
(Maven)
Apr 29, 2021
Temporary Directory Hijacking Vulnerability in Keycloak
High
CVE-2021-20202
was published
for
org.keycloak:keycloak-core
(Maven)
Mar 18, 2022
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat...
High
Unreviewed
CVE-2013-4253
was published
Oct 19, 2022
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
Critical
CVE-2021-21428
was published
for
org.openapitools:openapi-generator-online
(Maven)
May 11, 2021
Phusion Passenger Denial of Service
Moderate
CVE-2013-2119
was published
for
passenger
(RubyGems)
Oct 24, 2017
Insecure temporary file in Netflix OSS Hollow
Moderate
CVE-2021-28099
was published
for
com.netflix.hollow:hollow
(Maven)
Mar 29, 2021
ruby_parser allows local users to overwrite arbitrary files via symlink attack on temporary file with predictable name
Low
CVE-2013-0162
was published
for
ruby_parser
(RubyGems)
May 5, 2022
ProTip!
Advisories are also available from the
GraphQL API