GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
221,313 advisories
Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000,...
High | Unreviewed | CVE-2003-0665 was published Apr 29, 2022

Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2003-0666 was published Apr 29, 2022

Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the...
Low | Unreviewed | CVE-2003-0670 was published Apr 29, 2022

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to...
High | Unreviewed | CVE-2003-0671 was published Apr 29, 2022

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user...
High | Unreviewed | CVE-2003-0660 was published Apr 29, 2022

Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a...
Low | Unreviewed | CVE-2003-0669 was published Apr 29, 2022

"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of...
High | Unreviewed | CVE-2003-0682 was published Apr 29, 2022

Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE)...
Moderate | Unreviewed | CVE-2003-0676 was published Apr 29, 2022

Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2003-0677 was published Apr 29, 2022

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard...
High | Unreviewed | CVE-2003-0681 was published Apr 29, 2022

Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious...
High | Unreviewed | CVE-2003-0685 was published Apr 29, 2022

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote...
High | Unreviewed | CVE-2003-0686 was published Apr 29, 2022

The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a...
High | Unreviewed | CVE-2003-0689 was published Apr 29, 2022

KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds,...
High | Unreviewed | CVE-2003-0690 was published Apr 29, 2022

Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with...
High | Unreviewed | CVE-2003-0697 was published Apr 29, 2022

The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows...
Moderate | Unreviewed | CVE-2003-0696 was published Apr 29, 2022

KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not...
High | Unreviewed | CVE-2003-0692 was published Apr 29, 2022

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow...
High | Unreviewed | CVE-2003-0693 was published Apr 29, 2022

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial...
High | Unreviewed | CVE-2003-0695 was published Apr 29, 2022

KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules,...
High | Unreviewed | CVE-2003-0703 was published Apr 29, 2022

The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access...
High | Unreviewed | CVE-2003-0699 was published Apr 29, 2022

Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte...
High | Unreviewed | CVE-2003-0701 was published Apr 29, 2022

The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access...
High | Unreviewed | CVE-2003-0700 was published Apr 29, 2022

Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.
High | Unreviewed | CVE-2003-0705 was published Apr 29, 2022

KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which...
High | Unreviewed | CVE-2003-0704 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API.