Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk... Low Unreviewed
CVE-2008-0996 was published May 1, 2022
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which... Low Unreviewed
CVE-2008-0994 was published May 1, 2022
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in... Low Unreviewed
CVE-2008-0993 was published May 1, 2022
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF... Low Unreviewed
CVE-2008-0995 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF)... Low Unreviewed
CVE-2008-0971 was published May 1, 2022
Format string vulnerability in the logging function in the IM Server (aka IMserve or IMserver) in... Low Unreviewed
CVE-2008-0945 was published May 1, 2022
Red Hat Directory Server 8.0, when running on Red Hat Enterprise Linux, uses insecure permissions... Low Unreviewed
CVE-2008-0889 was published May 1, 2022
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2008-0883 was published May 1, 2022
Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read... Low Unreviewed
CVE-2008-0822 was published May 1, 2022
Directory traversal vulnerability in index.php in PlutoStatus Locator 1.0 pre alpha allows remote... Low Unreviewed
CVE-2008-0819 was published May 1, 2022
wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.... Low Unreviewed
CVE-2008-0806 was published May 1, 2022
IBM WebSphere Application Server (WAS) before 6.0.2 Fix Pack 25 (6.0.2.25) and 6.1 before Fix... Low Unreviewed
CVE-2008-0740 was published May 1, 2022
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown... Low Unreviewed
CVE-2008-0732 was published May 1, 2022
Novell Challenge Response Client (LCM) 2.7.5 and earlier, as used with Novell Client for Windows... Low Unreviewed
CVE-2008-0663 was published May 1, 2022
wml_backend/p1_ipp/ipp.src in Website META Language (WML) 2.0.11 allows local users to overwrite... Low Unreviewed
CVE-2008-0665 was published May 1, 2022
Website META Language (WML) 2.0.11 allows local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2008-0666 was published May 1, 2022
Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed... Low Unreviewed
CVE-2008-0580 was published May 1, 2022
CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and... Low Unreviewed
CVE-2008-0456 was published May 1, 2022
IBM Tivoli Business Service Manager (TBSM) 4.1.1 stores passwords in cleartext (1) after external... Low Unreviewed
CVE-2008-0441 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in pm/language/spanish/preferences.php in PMachine Pro 2... Low Unreviewed
CVE-2008-0334 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in Drupal 4.7.x and 5.x, when certain .htaccess... Low Unreviewed
CVE-2008-0274 was published May 1, 2022
Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote... Low Unreviewed
CVE-2008-0266 was published May 1, 2022
The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a... Low Unreviewed
CVE-2008-0216 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in service/impl/UserLocalServiceImpl.java in Liferay... Low Unreviewed
CVE-2008-0179 was published May 1, 2022
AppKit in Apple Mac OS X 10.4.11 inadvertently makes an NSApplication mach port available for... Low Unreviewed
CVE-2008-0049 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database