Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8,830 advisories

Loading
PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2005-1028 was published May 1, 2022
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not,... Moderate Unreviewed
CVE-2005-0797 was published May 1, 2022
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before... Moderate Unreviewed
CVE-2002-2436 was published Apr 30, 2022
The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier... Moderate Unreviewed
CVE-2002-2435 was published Apr 30, 2022
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and... Moderate Unreviewed
CVE-2002-2410 was published Apr 30, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers... Low Unreviewed
CVE-2002-2409 was published Apr 30, 2022
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain... Moderate Unreviewed
CVE-2002-2380 was published Apr 30, 2022
Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "... Moderate Unreviewed
CVE-2002-2369 was published Apr 30, 2022
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to... Moderate Unreviewed
CVE-2002-2349 was published Apr 30, 2022
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address... Moderate Unreviewed
CVE-2002-2346 was published Apr 30, 2022
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data... Moderate Unreviewed
CVE-2002-2342 was published Apr 30, 2022
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote... High Unreviewed
CVE-2002-2317 was published Apr 30, 2022
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain... Moderate Unreviewed
CVE-2002-2289 was published Apr 30, 2022
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an... Moderate Unreviewed
CVE-2002-2288 was published Apr 30, 2022
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message... Moderate Unreviewed
CVE-2002-2276 was published Apr 30, 2022
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information... Moderate Unreviewed
CVE-2002-1717 was published Apr 30, 2022
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents... Moderate Unreviewed
CVE-2002-1718 was published Apr 30, 2022
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote... Moderate Unreviewed
CVE-2002-1432 was published Apr 30, 2022
Apache Tomcat Source Code Disclosure High
CVE-2002-1394 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Tomcat Source Code Disclosure Moderate
CVE-2002-1148 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on... Moderate Unreviewed
CVE-2002-0812 was published Apr 30, 2022
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web... Moderate Unreviewed
CVE-2002-0596 was published Apr 30, 2022
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive... Moderate Unreviewed
CVE-2002-0419 was published Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP... Low Unreviewed
CVE-2002-0422 was published Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "... Low Unreviewed
CVE-2001-1387 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database