GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
985 advisories
Filter by severity
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command...
Low
Unreviewed
CVE-2007-5549
was published
May 1, 2022
The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map...
Low
Unreviewed
CVE-2007-3850
was published
May 1, 2022
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT)...
Low
Unreviewed
CVE-2007-1194
was published
May 1, 2022
The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key...
Low
Unreviewed
CVE-2006-6953
was published
May 1, 2022
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under...
Low
Unreviewed
CVE-2006-5229
was published
May 1, 2022
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter...
Low
Unreviewed
CVE-2006-3365
was published
May 1, 2022
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under...
Low
Unreviewed
CVE-2006-1439
was published
May 1, 2022
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive...
Low
Unreviewed
CVE-2006-0369
was published
May 1, 2022
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,...
Low
Unreviewed
CVE-2006-0353
was published
May 1, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low
Unreviewed
CVE-2005-4868
was published
May 1, 2022
Apache Tomcat AJP Connector Information Leak
Low
CVE-2005-3164
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with...
Low
Unreviewed
CVE-2005-3088
was published
May 1, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory...
Low
Unreviewed
CVE-2005-2752
was published
May 1, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers...
Low
Unreviewed
CVE-2002-2409
was published
Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP...
Low
Unreviewed
CVE-2002-0422
was published
Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "...
Low
Unreviewed
CVE-2001-1387
was published
Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0...
Low
Unreviewed
CVE-2000-0649
was published
Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain...
Low
Unreviewed
CVE-2000-0368
was published
Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the...
Low
Unreviewed
CVE-2000-0132
was published
Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Low
Unreviewed
CVE-1999-0524
was published
Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot...
Low
Unreviewed
CVE-1999-0372
was published
Apr 30, 2022
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a...
Low
Unreviewed
CVE-2003-1366
was published
Apr 29, 2022
Exposure of SSH credentials in Rancher/Fleet
Low
GHSA-wm2r-rp98-8pmh
was published
for
github.com/rancher/rancher
(Go)
Apr 27, 2022
Openstack nova qcow format could expose host filesystem information
Low
CVE-2011-3147
was published
for
nova
(pip)
Apr 22, 2022
Discoverability of user password hash in Statamic CMS
Low
CVE-2022-24784
was published
for
statamic/cms
(Composer)
Mar 29, 2022
ProTip!
Advisories are also available from the
GraphQL API