Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,423 advisories

Loading
inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote... High Unreviewed
CVE-2008-0391 was published May 1, 2022
MicroNews allows remote attackers to bypass authentication and gain administrative privileges via... High Unreviewed
CVE-2008-0377 was published May 1, 2022
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA... Moderate Unreviewed
CVE-2008-0351 was published May 1, 2022
Open System Consultants (OSC) Radiator before 4.0 allows remote attackers to cause a denial of... High Unreviewed
CVE-2008-0330 was published May 1, 2022
The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00... High Unreviewed
CVE-2008-0229 was published May 1, 2022
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set... Moderate Unreviewed
CVE-2008-0210 was published May 1, 2022
Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6... Moderate Unreviewed
CVE-2008-0150 was published May 1, 2022
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses... High Unreviewed
CVE-2008-0087 was published May 1, 2022
Dataprobe iBootBar (with 2007-09-20 and possibly later beta firmware) allows remote attackers to... Critical Unreviewed
CVE-2007-6760 was published May 1, 2022
Dataprobe iBootBar (with 2007-09-20 and possibly later released firmware) allows remote attackers... Critical Unreviewed
CVE-2007-6759 was published May 1, 2022
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such... Moderate Unreviewed
CVE-2007-6714 was published May 1, 2022
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4... High Unreviewed
CVE-2007-6601 was published May 1, 2022
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x... Moderate Unreviewed
CVE-2007-6430 was published May 1, 2022
Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain... Moderate Unreviewed
CVE-2007-6398 was published May 1, 2022
Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3... High Unreviewed
CVE-2007-6384 was published May 1, 2022
The proxy server in Kerio WinRoute Firewall before 6.4.1 does not properly enforce authentication... Low Unreviewed
CVE-2007-6385 was published May 1, 2022
cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the... High Unreviewed
CVE-2007-6237 was published May 1, 2022
index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain... High Unreviewed
CVE-2007-6234 was published May 1, 2022
The American Power Conversion (APC) AP7932 0u 30amp Switched Rack Power Distribution Unit (PDU),... High Unreviewed
CVE-2007-6226 was published May 1, 2022
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01... Moderate Unreviewed
CVE-2007-6145 was published May 1, 2022
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote... Moderate Unreviewed
CVE-2007-6130 was published May 1, 2022
Unspecified vulnerability in main.php of BugHotel Reservation System before 4.9.9 P3 allows... High Unreviewed
CVE-2007-6011 was published May 1, 2022
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash,... Moderate Unreviewed
CVE-2007-6013 was published May 1, 2022
TestLink before 1.7.1 does not enforce an unspecified authorization mechanism, which has unknown... High Unreviewed
CVE-2007-6006 was published May 1, 2022
details.php in BtiTracker before 1.4.5, when torrent viewing is disabled for guests, allows... Moderate Unreviewed
CVE-2007-5987 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database