GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,509
Maven: 5,000+
npm: 4,149
NuGet: 736
pip: 3,949
Pub: 12
RubyGems: 946
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
12,459 advisories
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and...
Low | Unreviewed | CVE-2010-0221 was published May 2, 2022

BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured...
Low | Unreviewed | CVE-2010-0213 was published May 2, 2022

Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses...
Low | Unreviewed | CVE-2010-0180 was published May 2, 2022

Puppet arbitrary files overwrite via a symlink attack
Low | CVE-2010-0156 was published for puppet (RubyGems) May 2, 2022

CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM...
Low | Unreviewed | CVE-2010-0155 was published May 2, 2022

Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when...
Low | Unreviewed | CVE-2010-0132 was published May 2, 2022

Employee Timeclock Software 0.99 places the database password on the mysqldump command line,...
Low | Unreviewed | CVE-2010-0124 was published May 2, 2022

Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on...
Low | Unreviewed | CVE-2010-0118 was published May 2, 2022

Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the...
Low | Unreviewed | CVE-2010-0119 was published May 2, 2022

The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and...
Low | Unreviewed | CVE-2010-0106 was published May 2, 2022

Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware...
Low | Unreviewed | CVE-2010-0081 was published May 2, 2022

The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and...
Low | Unreviewed | CVE-2010-0039 was published May 2, 2022

System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured...
Low | Unreviewed | CVE-2010-0014 was published May 2, 2022

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux...
Low | Unreviewed | CVE-2010-0007 was published May 2, 2022

The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2...
Low | Unreviewed | CVE-2010-0002 was published May 2, 2022

The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10...
Low | Unreviewed | CVE-2009-5117 was published May 2, 2022

Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages...
Low | Unreviewed | CVE-2009-5100 was published May 2, 2022

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID...
Low | Unreviewed | CVE-2009-5085 was published May 2, 2022

The (1) configure and (2) config.guess scripts in GNU troff (aka groff) 1.20.1 on Openwall GNU/*...
Low | Unreviewed | CVE-2009-5082 was published May 2, 2022

The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl...
Low | Unreviewed | CVE-2009-5081 was published May 2, 2022

The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib...
Low | Unreviewed | CVE-2009-5080 was published May 2, 2022

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when com.tivoli.am.fim...
Low | Unreviewed | CVE-2009-5084 was published May 2, 2022

The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/runtests.in scripts in GNU...
Low | Unreviewed | CVE-2009-5079 was published May 2, 2022

IBM Lotus Quickr 8.1 before 8.1.0.15 services for Lotus Domino on AIX allows remote authenticated...
Low | Unreviewed | CVE-2009-5062 was published May 2, 2022

twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier accepts credentials as command-line arguments,...
Low | Unreviewed | CVE-2009-5066 was published May 2, 2022

ProTip! Advisories are also available from the GraphQL API