GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,644 advisories
b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote...
High | Unreviewed | CVE-2008-1252 was published May 1, 2022

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6,...
High | Unreviewed | CVE-2008-1155 was published May 1, 2022

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol ...
High | Unreviewed | CVE-2008-1113 was published May 1, 2022

Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2...
High | Unreviewed | CVE-2008-0904 was published May 1, 2022

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for...
High | Unreviewed | CVE-2008-0662 was published May 1, 2022

modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird...
High | Unreviewed | CVE-2008-0420 was published May 1, 2022

Paramiko Unsafe randomness usage may allow access to sensitive information
High | CVE-2008-0299 was published for paramiko (pip) May 1, 2022

An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe...
High | Unreviewed | CVE-2008-0082 was published May 1, 2022

Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a...
High | Unreviewed | CVE-2007-6524 was published May 1, 2022

The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly...
High | Unreviewed | CVE-2007-6417 was published May 1, 2022

TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct...
High | Unreviewed | CVE-2007-6221 was published May 1, 2022

The CryptGenRandom function in Microsoft Windows 2000 generates predictable values, which makes...
High | Unreviewed | CVE-2007-6043 was published May 1, 2022

Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle...
High | Unreviewed | CVE-2007-5554 was published May 1, 2022

include/imageupload.js in the MyFTPUploader module in Stride 1.0 contains sensitive information...
High | Unreviewed | CVE-2007-5431 was published May 1, 2022

Stride 1.0 has a default administrator username of "scott" with the password "running", which...
High | Unreviewed | CVE-2007-5432 was published May 1, 2022

httpd.tkd in Radia Integration Server in Hewlett-Packard (HP) OpenView Configuration Management ...
High | Unreviewed | CVE-2007-5413 was published May 1, 2022

Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib...
High | Unreviewed | CVE-2007-5028 was published May 1, 2022

Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to obtain potentially...
High | Unreviewed | CVE-2007-2479 was published May 1, 2022

Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2007-0259 was published May 1, 2022

Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access...
High | Unreviewed | CVE-2007-0058 was published May 1, 2022

Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000...
High | Unreviewed | CVE-2007-0042 was published May 1, 2022

Trac reStructuredText breach of privacy and denial of service vulnerability
High | CVE-2006-3695 was published for trac (pip) May 1, 2022

TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct...
High | Unreviewed | CVE-2005-4875 was published May 1, 2022

Apache Tomcat allows remote attackers to read JSP source files
High | CVE-2005-4836 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

modifyUser.asp in Cool Cafe (Cool Café) Chat 1.2.1 allows remote attackers to obtain the...
High | Unreviewed | CVE-2005-2036 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API