GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories (All reviewed: 5,000+)
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories (All unreviewed: 5,000+)
10,622 advisories
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other...
Low | Unreviewed | CVE-2004-0481 was published Apr 29, 2022

mshtml.dll in Microsoft Internet Explorer 6.0.2800 allows remote attackers to cause a denial of...
Low | Unreviewed | CVE-2004-0484 was published Apr 29, 2022

BEA WebLogic Server and WebLogic Express 7.0 through SP5 and 8.1 through SP2 does not enforce...
Low | Unreviewed | CVE-2004-0471 was published Apr 29, 2022

Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM...
Low | Unreviewed | CVE-2004-0478 was published Apr 29, 2022

Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters...
Low | Unreviewed | CVE-2004-0473 was published Apr 29, 2022

The built-in web servers for multiple networking devices do not set the Secure attribute for...
Low | Unreviewed | CVE-2004-0462 was published Apr 29, 2022

The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004,...
Low | Unreviewed | CVE-2004-0445 was published Apr 29, 2022

flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite...
Low | Unreviewed | CVE-2004-0422 was published Apr 29, 2022

The log_event function in ssmtp 2.50.6 and earlier allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2004-0423 was published Apr 29, 2022

The HTML form upload capability in ColdFusion MX 6.1 does not reclaim disk space if an upload is...
Low | Unreviewed | CVE-2004-0407 was published Apr 29, 2022

logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a...
Low | Unreviewed | CVE-2004-0404 was published Apr 29, 2022

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the...
Low | Unreviewed | CVE-2004-0381 was published Apr 29, 2022

xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email...
Low | Unreviewed | CVE-2004-0372 was published Apr 29, 2022

The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink...
Low | Unreviewed | CVE-2004-0388 was published Apr 29, 2022

SpiderSales shopping cart does not enforce a minimum length for the private key, which can make...
Low | Unreviewed | CVE-2004-0350 was published Apr 29, 2022

Spider Sales shopping cart stores the private key in the same database and table as the public...
Low | Unreviewed | CVE-2004-0351 was published Apr 29, 2022

WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent...
Low | Unreviewed | CVE-2004-0341 was published Apr 29, 2022

WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to...
Low | Unreviewed | CVE-2004-0342 was published Apr 29, 2022

TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (CPU...
Low | Unreviewed | CVE-2004-0325 was published Apr 29, 2022

Unknown vulnerability in nCipher Hardware Security Modules (HSM) 1.67.x through 1.99.x allows...
Low | Unreviewed | CVE-2004-0320 was published Apr 29, 2022

Buffer overflow in smallftpd 0.99 allows local users to cause a denial of service (crash) via an...
Low | Unreviewed | CVE-2004-0299 was published Apr 29, 2022

Mailmgr 1.2.3 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp...
Low | Unreviewed | CVE-2004-0283 was published Apr 29, 2022

Buffer overflow in sdbscan in SignatureDB 0.1.1 allows local users to cause a denial of service ...
Low | Unreviewed | CVE-2004-0289 was published Apr 29, 2022

The (1) inoregupdate, (2) uniftest, or (3) unimove scripts in eTrust InoculateIT for Linux 6.0...
Low | Unreviewed | CVE-2004-0267 was published Apr 29, 2022

GNU libtool before 1.5.2, during compile time, allows local users to overwrite arbitrary files...
Low | Unreviewed | CVE-2004-0256 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API.