GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,830 advisories
Filter by severity
PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct...
Moderate
Unreviewed
CVE-2005-1028
was published
May 1, 2022
Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not,...
Moderate
Unreviewed
CVE-2005-0797
was published
May 1, 2022
The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before...
Moderate
Unreviewed
CVE-2002-2436
was published
Apr 30, 2022
The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier...
Moderate
Unreviewed
CVE-2002-2435
was published
Apr 30, 2022
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and...
Moderate
Unreviewed
CVE-2002-2410
was published
Apr 30, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers...
Low
Unreviewed
CVE-2002-2409
was published
Apr 30, 2022
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain...
Moderate
Unreviewed
CVE-2002-2380
was published
Apr 30, 2022
Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "...
Moderate
Unreviewed
CVE-2002-2369
was published
Apr 30, 2022
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to...
Moderate
Unreviewed
CVE-2002-2349
was published
Apr 30, 2022
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address...
Moderate
Unreviewed
CVE-2002-2346
was published
Apr 30, 2022
Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data...
Moderate
Unreviewed
CVE-2002-2342
was published
Apr 30, 2022
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote...
High
Unreviewed
CVE-2002-2317
was published
Apr 30, 2022
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain...
Moderate
Unreviewed
CVE-2002-2289
was published
Apr 30, 2022
Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an...
Moderate
Unreviewed
CVE-2002-2288
was published
Apr 30, 2022
Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message...
Moderate
Unreviewed
CVE-2002-2276
was published
Apr 30, 2022
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information...
Moderate
Unreviewed
CVE-2002-1717
was published
Apr 30, 2022
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents...
Moderate
Unreviewed
CVE-2002-1718
was published
Apr 30, 2022
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote...
Moderate
Unreviewed
CVE-2002-1432
was published
Apr 30, 2022
Apache Tomcat Source Code Disclosure
High
CVE-2002-1394
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
Apache Tomcat Source Code Disclosure
Moderate
CVE-2002-1148
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on...
Moderate
Unreviewed
CVE-2002-0812
was published
Apr 30, 2022
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web...
Moderate
Unreviewed
CVE-2002-0596
was published
Apr 30, 2022
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive...
Moderate
Unreviewed
CVE-2002-0419
was published
Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP...
Low
Unreviewed
CVE-2002-0422
was published
Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "...
Low
Unreviewed
CVE-2001-1387
was published
Apr 30, 2022
ProTip!
Advisories are also available from the
GraphQL API