Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

613 advisories

Loading
Nettica Corporation INTELLIPEER Email Server 1.01 displays different error messages for valid and... Moderate Unreviewed
CVE-2004-2150 was published Apr 29, 2022
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given... Moderate Unreviewed
CVE-2004-1602 was published Apr 29, 2022
ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of... Moderate Unreviewed
CVE-2004-1428 was published Apr 29, 2022
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the... Moderate Unreviewed
CVE-2004-0778 was published Apr 29, 2022
YaBB 1 SP 1.3.1 displays different error messages when a user exists or not, which makes it... Moderate Unreviewed
CVE-2004-0294 was published Apr 29, 2022
AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if... Moderate Unreviewed
CVE-2004-0243 was published Apr 29, 2022
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a... Moderate Unreviewed
CVE-2003-0637 was published Apr 29, 2022
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an... Moderate Unreviewed
CVE-2003-0190 was published Apr 29, 2022
Hills ComNav version 3002-19 suffers from a weak communication channel. Traffic across the local... Moderate Unreviewed
CVE-2022-1318 was published Apr 21, 2022
IBM MQ Appliance 9.2 CD and 9.2 LTS could allow an attacker to enumerate account credentials due... Moderate Unreviewed
CVE-2022-22356 was published Apr 6, 2022
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2021-39745 was published Mar 31, 2022
In DevicePolicyManager, there is a possible way to determine whether an app is installed, without... Moderate Unreviewed
CVE-2021-39744 was published Mar 31, 2022
In ContextImpl, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39754 was published Mar 31, 2022
In DevicePolicyManager, there is a possible way to reveal the existence of an installed package... Moderate Unreviewed
CVE-2021-39755 was published Mar 31, 2022
In Framework, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39756 was published Mar 31, 2022
In AudioService, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39760 was published Mar 31, 2022
In Media, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39761 was published Mar 31, 2022
In Settings, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39766 was published Mar 31, 2022
In People, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39775 was published Mar 31, 2022
In VpnManagerService, there is a possible disclosure of installed VPN packages due to side... Moderate Unreviewed
CVE-2021-39773 was published Mar 31, 2022
In TelecomManager, there is a possible way to check if a particular self managed phone account... Moderate Unreviewed
CVE-2021-39788 was published Mar 31, 2022
In WallpaperManagerService, there is a possible way to determine whether an app is installed,... Moderate Unreviewed
CVE-2021-39791 was published Mar 31, 2022
Discoverability of user password hash in Statamic CMS Low
CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
Symfony Http-Kernel has non-constant time comparison in UriSigner High
CVE-2019-18887 was published for symfony/http-kernel (Composer) Mar 26, 2022
An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised... High Unreviewed
CVE-2020-36517 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database