Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,333 advisories

Loading
Plone CMS does not record users' authentication states, and implements the logout feature solely... High Unreviewed
CVE-2008-1395 was published May 1, 2022
Gallarific does not require authentication for (1) users.php and (2) index.php, which allows... High Unreviewed
CVE-2008-1327 was published May 1, 2022
cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or... High Unreviewed
CVE-2008-1334 was published May 1, 2022
The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers... High Unreviewed
CVE-2008-1264 was published May 1, 2022
The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not... High Unreviewed
CVE-2008-1262 was published May 1, 2022
cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus Wi-Fi router does not verify... High Unreviewed
CVE-2008-1269 was published May 1, 2022
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication... High Unreviewed
CVE-2008-1268 was published May 1, 2022
The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains authentication state by IP... High Unreviewed
CVE-2008-1259 was published May 1, 2022
cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require... High Unreviewed
CVE-2008-1244 was published May 1, 2022
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products,... High Unreviewed
CVE-2008-1154 was published May 1, 2022
The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote... High Unreviewed
CVE-2008-1106 was published May 1, 2022
EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to... High Unreviewed
CVE-2008-0961 was published May 1, 2022
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x... High Unreviewed
CVE-2008-0960 was published May 1, 2022
The SOAP interface to the eMBox module in Novell eDirectory 8.7.3.9 and earlier, and 8.8.x before... High Unreviewed
CVE-2008-0926 was published May 1, 2022
Unspecified vulnerability in the Header Image Module before 5.x-1.1 for Drupal allows remote... High Unreviewed
CVE-2008-0823 was published May 1, 2022
Unspecified vulnerability in the BIOS F.26 and earlier for the HP Compaq Notebook PC allows... High Unreviewed
CVE-2008-0706 was published May 1, 2022
Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate... High Unreviewed
CVE-2008-0640 was published May 1, 2022
The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) ... High Unreviewed
CVE-2008-0555 was published May 1, 2022
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) 3.0.x... High Unreviewed
CVE-2008-0536 was published May 1, 2022
inc/elementz.php in aliTalk 1.9.1.1 does not properly verify authentication, which allows remote... High Unreviewed
CVE-2008-0391 was published May 1, 2022
MicroNews allows remote attackers to bypass authentication and gain administrative privileges via... High Unreviewed
CVE-2008-0377 was published May 1, 2022
Open System Consultants (OSC) Radiator before 4.0 allows remote attackers to cause a denial of... High Unreviewed
CVE-2008-0330 was published May 1, 2022
The telnet service in LevelOne WBR-3460 4-Port ADSL 2/2+ Wireless Modem Router with firmware 1.00... High Unreviewed
CVE-2008-0229 was published May 1, 2022
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses... High Unreviewed
CVE-2008-0087 was published May 1, 2022
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4... High Unreviewed
CVE-2007-6601 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database