GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
8,830 advisories
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the...
Moderate | Unreviewed | CVE-2006-0861 was published May 1, 2022
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read...
Moderate | Unreviewed | CVE-2006-0707 was published May 1, 2022
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive...
Low | Unreviewed | CVE-2006-0369 was published May 1, 2022
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,...
Low | Unreviewed | CVE-2006-0353 was published May 1, 2022
TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email...
Moderate | Unreviewed | CVE-2006-0103 was published May 1, 2022
The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does...
Moderate | Unreviewed | CVE-2005-4881 was published May 1, 2022
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct...
High | Unreviewed | CVE-2005-4875 was published May 1, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low | Unreviewed | CVE-2005-4868 was published May 1, 2022
Apache Derby exposes user and password attributes
Moderate | CVE-2005-4849 was published for org.apache.derby:derby (Maven) May 1, 2022
Apache Tomcat allows remote attackers to read JSP source files
High | CVE-2005-4836 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Apache Tomcat Discloses MS-DOS Pathname
Moderate | CVE-2005-4703 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1),...
Moderate | Unreviewed | CVE-2005-4368 was published May 1, 2022
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the...
Moderate | Unreviewed | CVE-2005-4320 was published May 1, 2022
phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to...
Moderate | Unreviewed | CVE-2005-4214 was published May 1, 2022
Mortbay Jetty Discloses JSP Source Code
Moderate | CVE-2005-3747 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2005-3724 was published May 1, 2022
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the...
Moderate | Unreviewed | CVE-2005-3645 was published May 1, 2022
tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the...
Moderate | Unreviewed | CVE-2005-3529 was published May 1, 2022
IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before...
Moderate | Unreviewed | CVE-2005-3498 was published May 1, 2022
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8...
Moderate | Unreviewed | CVE-2005-3398 was published May 1, 2022
Apache Tomcat AJP Connector Information Leak
Low | CVE-2005-3164 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with...
Low | Unreviewed | CVE-2005-3088 was published May 1, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory...
Low | Unreviewed | CVE-2005-2752 was published May 1, 2022
modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the...
High | Unreviewed | CVE-2005-2036 was published May 1, 2022
** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote...
Moderate | Unreviewed | CVE-2005-1754 was published May 1, 2022