GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,424 advisories
Unspecified vulnerability in Citrix Access Gateway Standard Edition 4.5.7 and earlier and...
High | Unreviewed | CVE-2008-2528 was published May 1, 2022
BlogPHP 2.0 allows remote attackers to bypass authentication, and post (1) messages or (2)...
Moderate | Unreviewed | CVE-2008-2524 was published May 1, 2022
pam_sm_authenticate in pam_pgsql.c in libpam-pgsql 0.6.3 does not properly consider operator...
Moderate | Unreviewed | CVE-2008-2516 was published May 1, 2022
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business...
High | Unreviewed | CVE-2008-2433 was published May 1, 2022
The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3...
High | Unreviewed | CVE-2008-2406 was published May 1, 2022
MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain...
High | Unreviewed | CVE-2008-2347 was published May 1, 2022
Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges...
High | Unreviewed | CVE-2008-2298 was published May 1, 2022
admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote...
High | Unreviewed | CVE-2008-2282 was published May 1, 2022
AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and...
High | Unreviewed | CVE-2008-2269 was published May 1, 2022
phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows...
High | Unreviewed | CVE-2008-1971 was published May 1, 2022
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in...
High | Unreviewed | CVE-2008-1949 was published May 1, 2022
Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL...
Moderate | Unreviewed | CVE-2008-1938 was published May 1, 2022
The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string...
High | Unreviewed | CVE-2008-1930 was published May 1, 2022
Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to...
High | Unreviewed | CVE-2008-1904 was published May 1, 2022
The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x...
Moderate | Unreviewed | CVE-2008-1897 was published May 1, 2022
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly...
Moderate | Unreviewed | CVE-2008-1883 was published May 1, 2022
admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication,...
High | Unreviewed | CVE-2008-1868 was published May 1, 2022
KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which...
High | Unreviewed | CVE-2008-1727 was published May 1, 2022
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2)...
Moderate | Unreviewed | CVE-2008-1528 was published May 1, 2022
Gallarific Free Edition 1.1 does not require authentication for (1) photos.php, (2) comments.php,...
Moderate | Unreviewed | CVE-2008-1469 was published May 1, 2022
Plone CMS does not record users' authentication states, and implements the logout feature solely...
High | Unreviewed | CVE-2008-1395 was published May 1, 2022
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using...
Moderate | Unreviewed | CVE-2008-1356 was published May 1, 2022
Gallarific does not require authentication for (1) users.php and (2) index.php, which allows...
High | Unreviewed | CVE-2008-1327 was published May 1, 2022
cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or...
High | Unreviewed | CVE-2008-1334 was published May 1, 2022
The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication,...
Moderate | Unreviewed | CVE-2008-1321 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.