GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

12,432 advisories

Cross-site scripting (XSS) vulnerability in return_dynamic_filters.php in Mantis before 1.1.2...
Low | Unreviewed | CVE-2008-3331 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x...
Low | Unreviewed | CVE-2008-3326 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in BilboBlog 0.2.1 allow remote authenticated...
Low | Unreviewed | CVE-2008-3301 was published May 1, 2022

src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not...
Low | Unreviewed | CVE-2008-3294 was published May 1, 2022

yum-rhn-plugin in Red Hat Enterprise Linux (RHEL) 5 does not verify the SSL certificate for a...
Low | Unreviewed | CVE-2008-3270 was published May 1, 2022

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound...
Low | Unreviewed | CVE-2008-3272 was published May 1, 2022

OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration...
Low | Unreviewed | CVE-2008-3259 was published May 1, 2022

The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application...
Low | Unreviewed | CVE-2008-3230 was published May 1, 2022

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Low | Unreviewed | CVE-2008-3197 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the Organic Groups (OG) module 5.x before 5.x-7.3 and...
Low | Unreviewed | CVE-2008-3095 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the Tinytax module (aka Tinytax taxonomy block) 5.x...
Low | Unreviewed | CVE-2008-3097 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the Taxonomy Autotagger module 5.x before 5.x-1.8 for...
Low | Unreviewed | CVE-2008-3091 was published May 1, 2022

sudo in SUSE openSUSE 10.3 does not clear the stdin buffer when password entry times out, which...
Low | Unreviewed | CVE-2008-3067 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7, when register_globals is...
Low | Unreviewed | CVE-2008-2960 was published May 1, 2022

Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a...
Low | Unreviewed | CVE-2008-2933 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the TrailScout module 5.x before 5.x-1.4 for Drupal...
Low | Unreviewed | CVE-2008-2849 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the delegated spam management feature in...
Low | Unreviewed | CVE-2008-2831 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute Banner Manager XE 2.0 allow...
Low | Unreviewed | CVE-2008-2761 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Absolute Live Support XE 5...
Low | Unreviewed | CVE-2008-2764 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in admin/search.asp in Xigla Poll Manager XE allows...
Low | Unreviewed | CVE-2008-2768 was published May 1, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Xigla Absolute News Manager XE 3.2 allow...
Low | Unreviewed | CVE-2008-2758 was published May 1, 2022

No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE...
Low | Unreviewed | CVE-2008-2747 was published May 1, 2022

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2...
Low | Unreviewed | CVE-2008-2623 was published May 1, 2022

Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server...
Low | Unreviewed | CVE-2008-2619 was published May 1, 2022

Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4...
Low | Unreviewed | CVE-2008-2603 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API