Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,102 advisories

Loading
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter... Low Unreviewed
CVE-2006-3365 was published May 1, 2022
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under... Low Unreviewed
CVE-2006-1439 was published May 1, 2022
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,... Low Unreviewed
CVE-2006-0353 was published May 1, 2022
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive... Low Unreviewed
CVE-2006-0369 was published May 1, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for... Low Unreviewed
CVE-2005-4868 was published May 1, 2022
Apache Tomcat AJP Connector Information Leak Low
CVE-2005-3164 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with... Low Unreviewed
CVE-2005-3088 was published May 1, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory... Low Unreviewed
CVE-2005-2752 was published May 1, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers... Low Unreviewed
CVE-2002-2409 was published Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP... Low Unreviewed
CVE-2002-0422 was published Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "... Low Unreviewed
CVE-2001-1387 was published Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0... Low Unreviewed
CVE-2000-0649 was published Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain... Low Unreviewed
CVE-2000-0368 was published Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the... Low Unreviewed
CVE-2000-0132 was published Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. Low Unreviewed
CVE-1999-0524 was published Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot... Low Unreviewed
CVE-1999-0372 was published Apr 30, 2022
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a... Low Unreviewed
CVE-2003-1366 was published Apr 29, 2022
Exposure of SSH credentials in Rancher/Fleet Low
GHSA-wm2r-rp98-8pmh was published for github.com/rancher/rancher (Go) Apr 27, 2022
Openstack nova qcow format could expose host filesystem information Low
CVE-2011-3147 was published for nova (pip) Apr 22, 2022
Discoverability of user password hash in Statamic CMS Low
CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
Twig Sandbox Information Disclosure Low
CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows... Low Unreviewed
CVE-2022-25828 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed
CVE-2022-25827 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed
CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed
CVE-2022-25823 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database