Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,830 advisories

Loading
Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to obtain the... Moderate Unreviewed
CVE-2006-0861 was published May 1, 2022
PyBlosxom before 1.3.2, when running on certain webservers, allows remote attackers to read... Moderate Unreviewed
CVE-2006-0707 was published May 1, 2022
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive... Low Unreviewed
CVE-2006-0369 was published May 1, 2022
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,... Low Unreviewed
CVE-2006-0353 was published May 1, 2022
TinyPHPForum 3.6 and earlier stores the (1) users/[USERNAME].hash and (2) users/[USERNAME].email... Moderate Unreviewed
CVE-2006-0103 was published May 1, 2022
The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does... Moderate Unreviewed
CVE-2005-4881 was published May 1, 2022
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct... High Unreviewed
CVE-2005-4875 was published May 1, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for... Low Unreviewed
CVE-2005-4868 was published May 1, 2022
Apache Derby exposes user and password attributes Moderate
CVE-2005-4849 was published for org.apache.derby:derby (Maven) May 1, 2022
Apache Tomcat allows remote attackers to read JSP source files High
CVE-2005-4836 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Apache Tomcat Discloses MS-DOS Pathname Moderate
CVE-2005-4703 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1),... Moderate Unreviewed
CVE-2005-4368 was published May 1, 2022
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the... Moderate Unreviewed
CVE-2005-4320 was published May 1, 2022
phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to... Moderate Unreviewed
CVE-2005-4214 was published May 1, 2022
Mortbay Jetty Discloses JSP Source Code Moderate
CVE-2005-3747 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2005-3724 was published May 1, 2022
phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the... Moderate Unreviewed
CVE-2005-3645 was published May 1, 2022
tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the... Moderate Unreviewed
CVE-2005-3529 was published May 1, 2022
IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before... Moderate Unreviewed
CVE-2005-3498 was published May 1, 2022
The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8... Moderate Unreviewed
CVE-2005-3398 was published May 1, 2022
Apache Tomcat AJP Connector Information Leak Low
CVE-2005-3164 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with... Low Unreviewed
CVE-2005-3088 was published May 1, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory... Low Unreviewed
CVE-2005-2752 was published May 1, 2022
modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the... High Unreviewed
CVE-2005-2036 was published May 1, 2022
** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote... Moderate Unreviewed
CVE-2005-1754 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database