Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,433 advisories

Loading
TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not... Low Unreviewed
CVE-2008-3899 was published May 2, 2022
Grub Legacy 0.97 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer... Low Unreviewed
CVE-2008-3896 was published May 2, 2022
Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the... Low Unreviewed
CVE-2008-3893 was published May 2, 2022
LILO 22.6.1 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and... Low Unreviewed
CVE-2008-3895 was published May 2, 2022
IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard... Low Unreviewed
CVE-2008-3894 was published May 2, 2022
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux... Low Unreviewed
CVE-2008-3889 was published May 2, 2022
Apple iPhone 2.0.2, in some configurations, allows physically proximate attackers to bypass... Low Unreviewed
CVE-2008-3876 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in account.php in Lussumo Vanilla 1.1.5-rc1, 1.1.4, and... Low Unreviewed
CVE-2008-3874 was published May 2, 2022
The dbus_signature_validate function in the D-bus library (libdbus) before 1.2.4 allows remote... Low Unreviewed
CVE-2008-3834 was published May 2, 2022
Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb... Low Unreviewed
CVE-2008-3789 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in ACG-PTP 1.0.6 allow... Low Unreviewed
CVE-2008-3782 was published May 2, 2022
Folder Lock 5.9.5 and earlier uses weak encryption (ROT-25) for the password, which allows local... Low Unreviewed
CVE-2008-3775 was published May 2, 2022
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication... Low Unreviewed
CVE-2008-3777 was published May 2, 2022
The private filesystem in Drupal 5.x before 5.10 and 6.x before 6.4 trusts the MIME type sent by... Low Unreviewed
CVE-2008-3741 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in inc-core-admin-editor-previouscolorsjs.php in the... Low Unreviewed
CVE-2008-3715 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Mambo 4.6.2 and 4.6.5, when... Low Unreviewed
CVE-2008-3712 was published May 2, 2022
The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in... Low Unreviewed
CVE-2008-3699 was published May 2, 2022
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have... Low Unreviewed
CVE-2008-3644 was published May 2, 2022
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by... Low Unreviewed
CVE-2008-3634 was published May 2, 2022
Time Machine in Apple Mac OS X 10.5 through 10.5.4 uses weak permissions for Time Machine Backup... Low Unreviewed
CVE-2008-3619 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Pluck 4.5.2, when register_globals is... Low Unreviewed
CVE-2008-3574 was published May 2, 2022
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in... Low Unreviewed
CVE-2008-3539 was published May 2, 2022
The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs... Low Unreviewed
CVE-2008-3528 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user... Low Unreviewed
CVE-2008-3457 was published May 2, 2022
Unspecified vulnerability in the Solaris Platform Information and Control Library daemon (picld)... Low Unreviewed
CVE-2008-3426 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database