Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,436 advisories

Loading
Cross-site scripting (XSS) vulnerability in the anonymous comments feature in lib-comment.php in... Low Unreviewed
CVE-2009-0455 was published May 2, 2022
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on... Low Unreviewed
CVE-2009-0437 was published May 2, 2022
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1.x before 5.1.1.19, 6.0.x... Low Unreviewed
CVE-2009-0433 was published May 2, 2022
PerfServlet in the PMI/Performance Tools component in IBM WebSphere Application Server (WAS) 6.0... Low Unreviewed
CVE-2009-0434 was published May 2, 2022
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code... Low Unreviewed
CVE-2009-0415 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows... Low Unreviewed
CVE-2009-0393 was published May 2, 2022
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements... Low Unreviewed
CVE-2009-0368 was published May 2, 2022
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache... Low Unreviewed
CVE-2009-0358 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before 0.6.2 allow remote... Low Unreviewed
CVE-2009-0359 was published May 2, 2022
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote... Low Unreviewed
CVE-2009-0354 was published May 2, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is... Low Unreviewed
CVE-2009-0286 was published May 2, 2022
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote... Low Unreviewed
CVE-2009-0240 was published May 2, 2022
XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with... Low Unreviewed
CVE-2009-0141 was published May 2, 2022
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of... Low Unreviewed
CVE-2009-0142 was published May 2, 2022
Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when... Low Unreviewed
CVE-2009-0093 was published May 2, 2022
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote... Low Unreviewed
CVE-2009-0071 was published May 2, 2022
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary... Low Unreviewed
CVE-2009-0028 was published May 2, 2022
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a... Low Unreviewed
CVE-2009-0014 was published May 2, 2022
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as... Low Unreviewed
CVE-2009-0013 was published May 2, 2022
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is... Low Unreviewed
CVE-2008-4593 was published May 2, 2022
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly ... Low Unreviewed
CVE-2008-4579 was published May 2, 2022
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7,... Low Unreviewed
CVE-2008-4549 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1... Low Unreviewed
CVE-2008-4542 was published May 2, 2022
Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion... Low Unreviewed
CVE-2008-4540 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for... Low Unreviewed
CVE-2008-4530 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database