GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
8,830 advisories
Filter by severity
Apache Tomcat Allows Source Disclosure
Moderate
CVE-2001-0590
was published
for
org.apache.tomcat:tomcat-servlet-api
(Maven)
Apr 30, 2022
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server...
Moderate
Unreviewed
CVE-2000-0876
was published
Apr 30, 2022
Jakarta Apache Tomcat Reveals Physical Paths
Moderate
CVE-2000-0759
was published
for
org.apache.tomcat:tomcat
(Maven)
Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0...
Low
Unreviewed
CVE-2000-0649
was published
Apr 30, 2022
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by...
Moderate
Unreviewed
CVE-2000-0588
was published
Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain...
Low
Unreviewed
CVE-2000-0368
was published
Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the...
Low
Unreviewed
CVE-2000-0132
was published
Apr 30, 2022
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote...
Moderate
Unreviewed
CVE-1999-1462
was published
Apr 30, 2022
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows...
Moderate
Unreviewed
CVE-1999-1136
was published
Apr 30, 2022
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an...
Moderate
Unreviewed
CVE-1999-0877
was published
Apr 30, 2022
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could...
Moderate
Unreviewed
CVE-1999-0606
was published
Apr 30, 2022
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose...
Moderate
Unreviewed
CVE-1999-0605
was published
Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Low
Unreviewed
CVE-1999-0524
was published
Apr 30, 2022
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the...
Moderate
Unreviewed
CVE-1999-0453
was published
Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot...
Low
Unreviewed
CVE-1999-0372
was published
Apr 30, 2022
IIS ASP caching problem releases sensitive information when two virtual servers share the same...
Moderate
Unreviewed
CVE-1999-0348
was published
Apr 30, 2022
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
High
Unreviewed
CVE-1999-0236
was published
Apr 30, 2022
IRIX fam service allows an attacker to obtain a list of all files on the server.
High
Unreviewed
CVE-1999-0059
was published
Apr 30, 2022
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key...
High
Unreviewed
CVE-2018-10911
was published
Apr 30, 2022
Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical
Unreviewed
CVE-2021-43938
was published
Apr 30, 2022
Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether...
High
Unreviewed
CVE-2021-43937
was published
Apr 30, 2022
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel....
High
Unreviewed
CVE-2022-1353
was published
Apr 30, 2022
Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows...
Moderate
Unreviewed
CVE-2004-2766
was published
Apr 29, 2022
viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers...
Moderate
Unreviewed
CVE-2004-2748
was published
Apr 29, 2022
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and...
Moderate
Unreviewed
CVE-2004-2320
was published
Apr 29, 2022
ProTip!
Advisories are also available from the
GraphQL API