Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
Untrusted search path vulnerability in trickle 1.07 allows local users to execute arbitrary code... Low Unreviewed
CVE-2009-0415 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in sysconf.cgi in Motorola Wimax modem CPEi300 allows... Low Unreviewed
CVE-2009-0393 was published May 2, 2022
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements... Low Unreviewed
CVE-2009-0368 was published May 2, 2022
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache... Low Unreviewed
CVE-2009-0358 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Samizdat before 0.6.2 allow remote... Low Unreviewed
CVE-2009-0359 was published May 2, 2022
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote... Low Unreviewed
CVE-2009-0354 was published May 2, 2022
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is... Low Unreviewed
CVE-2009-0286 was published May 2, 2022
listing.php in WebSVN 2.0 and possibly 1.7 beta, when using an SVN authz file, allows remote... Low Unreviewed
CVE-2009-0240 was published May 2, 2022
XTerm in Apple Mac OS X 10.4.11 and 10.5.6, when used with luit, creates tty devices with... Low Unreviewed
CVE-2009-0141 was published May 2, 2022
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of... Low Unreviewed
CVE-2009-0142 was published May 2, 2022
Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008, when... Low Unreviewed
CVE-2009-0093 was published May 2, 2022
Mozilla Firefox 3.0.5 and earlier 3.0.x versions, when designMode is enabled, allows remote... Low Unreviewed
CVE-2009-0071 was published May 2, 2022
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary... Low Unreviewed
CVE-2009-0028 was published May 2, 2022
Folder Manager in Apple Mac OS X 10.5.6 uses insecure default permissions when recreating a... Low Unreviewed
CVE-2009-0014 was published May 2, 2022
dscl in DS Tools in Apple Mac OS X 10.4.11 and 10.5.6 requires that passwords must be provided as... Low Unreviewed
CVE-2009-0013 was published May 2, 2022
Apple iPhone 2.1 with firmware 5F136, when Require Passcode is enabled and Show SMS Preview is... Low Unreviewed
CVE-2008-4593 was published May 2, 2022
The (1) fence_apc and (2) fence_apc_snmp programs, as used in (a) fence 2.02.00-r1 and possibly ... Low Unreviewed
CVE-2008-4579 was published May 2, 2022
The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7,... Low Unreviewed
CVE-2008-4549 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1... Low Unreviewed
CVE-2008-4542 was published May 2, 2022
Windows Mobile 6 on the HTC Hermes device makes WLAN passwords available to an auto-completion... Low Unreviewed
CVE-2008-4540 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Brilliant Gallery 5.x before 5.x-4.2, a module for... Low Unreviewed
CVE-2008-4530 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0... Low Unreviewed
CVE-2008-4456 was published May 2, 2022
XRunSabre in sabre (aka xsabre) 0.2.4b relies on the ability to create /tmp/sabre.log, which... Low Unreviewed
CVE-2008-4407 was published May 2, 2022
Apache Tomcat information disclosure vulnerability Low
CVE-2008-4308 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in... Low Unreviewed
CVE-2008-4278 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database