Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,423 advisories

Loading
The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw... High Unreviewed
CVE-2007-4548 was published May 1, 2022
Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web... Moderate Unreviewed
CVE-2007-4438 was published May 1, 2022
Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group... High Unreviewed
CVE-2007-4419 was published May 1, 2022
Fedora Commons before 2.2.1 does not properly handle certain authentication requests involving... High Unreviewed
CVE-2007-4364 was published May 1, 2022
Session fixation vulnerability in Mambo 4.6.2 CMS allows remote attackers to hijack web sessions... High Unreviewed
CVE-2007-4203 was published May 1, 2022
file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows... Moderate Unreviewed
CVE-2007-4043 was published May 1, 2022
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier... Moderate Unreviewed
CVE-2007-3988 was published May 1, 2022
Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes... Moderate Unreviewed
CVE-2007-3754 was published May 1, 2022
Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack... High Unreviewed
CVE-2007-3597 was published May 1, 2022
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical... High Unreviewed
CVE-2007-3184 was published May 1, 2022
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication... Moderate Unreviewed
CVE-2007-3177 was published May 1, 2022
Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack... High Unreviewed
CVE-2007-3050 was published May 1, 2022
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows... High Unreviewed
CVE-2007-2719 was published May 1, 2022
Unspecified vulnerability in Default.aspx in Podium CMS allows remote attackers to have an... Moderate Unreviewed
CVE-2007-2555 was published May 1, 2022
Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote... Moderate Unreviewed
CVE-2007-2546 was published May 1, 2022
Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by... High Unreviewed
CVE-2007-2277 was published May 1, 2022
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers... Moderate Unreviewed
CVE-2007-2243 was published May 1, 2022
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack... Moderate Unreviewed
CVE-2007-1966 was published May 1, 2022
Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web... High Unreviewed
CVE-2007-1953 was published May 1, 2022
Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web... High Unreviewed
CVE-2007-1952 was published May 1, 2022
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions... High Unreviewed
CVE-2007-1949 was published May 1, 2022
Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions... High Unreviewed
CVE-2007-1951 was published May 1, 2022
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly... Moderate Unreviewed
CVE-2007-1859 was published May 1, 2022
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct... High Unreviewed
CVE-2007-1480 was published May 1, 2022
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the... Moderate Unreviewed
CVE-2007-1228 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database