Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,423 advisories

Loading
webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a... High Unreviewed
CVE-2007-1160 was published May 1, 2022
The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and... High Unreviewed
CVE-2007-1062 was published May 1, 2022
T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication... High Unreviewed
CVE-2007-0435 was published May 1, 2022
Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93,... High Unreviewed
CVE-2006-6997 was published May 1, 2022
logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via... High Unreviewed
CVE-2006-6783 was published May 1, 2022
Multiple unspecified vulnerabilities in the template files in Soumu Workflow for Groupmax 01-00... Moderate Unreviewed
CVE-2006-6705 was published May 1, 2022
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to... High Unreviewed
CVE-2006-5268 was published May 1, 2022
SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger... High Unreviewed
CVE-2006-4244 was published May 1, 2022
Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web... High Unreviewed
CVE-2006-3583 was published May 1, 2022
newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and... High Unreviewed
CVE-2006-2636 was published May 1, 2022
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication... Moderate Unreviewed
CVE-2006-2380 was published May 1, 2022
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager,... High Unreviewed
CVE-2006-2369 was published May 1, 2022
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products... Moderate Unreviewed
CVE-2006-2113 was published May 1, 2022
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote... Moderate Unreviewed
CVE-2006-1228 was published May 1, 2022
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data... Moderate Unreviewed
CVE-2006-0633 was published May 1, 2022
SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new... Moderate Unreviewed
CVE-2006-0416 was published May 1, 2022
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has... High Unreviewed
CVE-2006-0374 was published May 1, 2022
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass... High Unreviewed
CVE-2005-4861 was published May 1, 2022
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which... Moderate Unreviewed
CVE-2005-4851 was published May 1, 2022
SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to... High Unreviewed
CVE-2005-4006 was published May 1, 2022
relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after... Moderate Unreviewed
CVE-2005-3979 was published May 1, 2022
mtnpeak.net File Upload Manager does not properly check user authentication for certain actions,... High Unreviewed
CVE-2005-1957 was published May 1, 2022
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of... High Unreviewed
CVE-2005-1020 was published May 1, 2022
The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass... Moderate Unreviewed
CVE-2002-2427 was published Apr 30, 2022
acFTP 1.4 does not properly handle when an invalid password is provided by the user during... High Unreviewed
CVE-2002-2417 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database