Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
sylprint.pl in claws mail tools (claws-mail-tools) allows local users to overwrite arbitrary... Low Unreviewed
CVE-2007-6208 was published May 1, 2022
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled,... Low Unreviewed
CVE-2007-6190 was published May 1, 2022
The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through... Low Unreviewed
CVE-2007-6150 was published May 1, 2022
buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2007-6131 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin... Low Unreviewed
CVE-2007-6100 was published May 1, 2022
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service ... Low Unreviewed
CVE-2007-6039 was published May 1, 2022
Lantronix SCS3200 does not properly handle public-key requests, which allows remote attackers to... Low Unreviewed
CVE-2007-5981 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows... Low Unreviewed
CVE-2007-5977 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in IBM Tivoli Service Desk 6.2 allows remote... Low Unreviewed
CVE-2007-5949 was published May 1, 2022
dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information... Low Unreviewed
CVE-2007-5936 was published May 1, 2022
iChat in Apple Mac OS X 10.4.11 allows network-adjacent remote attackers to automatically... Low Unreviewed
CVE-2007-5851 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in BosDev BosMarket Business Directory System... Low Unreviewed
CVE-2007-5833 was published May 1, 2022
iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which... Low Unreviewed
CVE-2007-5827 was published May 1, 2022
IBM Tivoli Continuous Data Protection for Files (CDP) 3.1.0 uses weak permissions (unrestricted... Low Unreviewed
CVE-2007-5819 was published May 1, 2022
The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for... Low Unreviewed
CVE-2007-5790 was published May 1, 2022
Liferea before 1.4.6 uses weak permissions (0644) for the feedlist.opml backup file, which allows... Low Unreviewed
CVE-2007-5751 was published May 1, 2022
Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote... Low Unreviewed
CVE-2007-5731 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in wp-admin/edit-post-rows.php in WordPress 2.3 allows... Low Unreviewed
CVE-2007-5710 was published May 1, 2022
Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7... Low Unreviewed
CVE-2007-5701 was published May 1, 2022
make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command... Low Unreviewed
CVE-2007-5626 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Token module before 4.7.x-1.5, and 5.x... Low Unreviewed
CVE-2007-5621 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in NSSboard (formerly Simple PHP Forum) 6.1... Low Unreviewed
CVE-2007-5564 was published May 1, 2022
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command... Low Unreviewed
CVE-2007-5549 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 allows local users to inject... Low Unreviewed
CVE-2007-5496 was published May 1, 2022
Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file,... Low Unreviewed
CVE-2007-5470 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database