Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,455 advisories

Loading
Merkaartor 0.14 allows local users to append data to arbitrary files via a symlink attack on the ... Low Unreviewed
CVE-2009-4193 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in index.php in CutePHP CuteNews 1.4.6 and UTF-8... Low Unreviewed
CVE-2009-4172 was published May 2, 2022
TYPO3 Direct Mail Extension Vulnerable to Cross-Site Scripting (XSS) Low
CVE-2009-4159 was published for directmailteam/direct-mail (Composer) May 2, 2022
nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon... Low Unreviewed
CVE-2009-4145 was published May 2, 2022
Multiple directory traversal vulnerabilities in CutePHP CuteNews 1.4.6, when magic_quotes_gpc is... Low Unreviewed
CVE-2009-4116 was published May 2, 2022
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for... Low Unreviewed
CVE-2009-4118 was published May 2, 2022
TYPSoft FTP Server 1.10 allows remote authenticated users to cause a denial of service (crash) by... Low Unreviewed
CVE-2009-4105 was published May 2, 2022
Multiple unspecified vulnerabilities in ldap_cachemgr (aka the LDAP client configuration cache... Low Unreviewed
CVE-2009-4080 was published May 2, 2022
Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12,... Low Unreviewed
CVE-2009-3940 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in wp-admin/press-this.php in WordPress before 2.8.6... Low Unreviewed
CVE-2009-3891 was published May 2, 2022
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote... Low Unreviewed
CVE-2009-3782 was published May 2, 2022
XScreenSaver in Sun Solaris 10, when the accessibility feature is enabled, allows physically... Low Unreviewed
CVE-2009-3746 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Organic Groups (OG) 5.x-7.x before 5.x-7.4, 5.x-8.x... Low Unreviewed
CVE-2009-3652 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in the additional links interface in XML Sitemap 5.x-1.6... Low Unreviewed
CVE-2009-3653 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Service Links 6.x-1.0, a module for Drupal, allows... Low Unreviewed
CVE-2009-3648 was published May 2, 2022
TYPO3 Backend vulnerable to Cross-site Scripting Low
CVE-2009-3629 was published for typo3/cms-backend (Composer) May 2, 2022
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2... Low Unreviewed
CVE-2009-3612 was published May 2, 2022
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777... Low Unreviewed
CVE-2009-3611 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in SQL-Ledger 2.8.24 allow remote... Low Unreviewed
CVE-2009-3581 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Xerver HTTP Server 4.32 allows remote attackers to... Low Unreviewed
CVE-2009-3562 was published May 2, 2022
A certain Red Hat configuration step for the qla2xxx driver in the Linux kernel 2.6.18 on Red Hat... Low Unreviewed
CVE-2009-3556 was published May 2, 2022
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2... Low Unreviewed
CVE-2009-3554 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in the Bibliography (aka Biblio) module 6.x-1.6 for... Low Unreviewed
CVE-2009-3488 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1... Low Unreviewed
CVE-2009-3486 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1... Low Unreviewed
CVE-2009-3487 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database