Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,333 advisories

Loading
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical... High Unreviewed
CVE-2007-3184 was published May 1, 2022
Session fixation vulnerability in chameleon cms 3.0 and earlier allows remote attackers to hijack... High Unreviewed
CVE-2007-3050 was published May 1, 2022
Session fixation vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 allows... High Unreviewed
CVE-2007-2719 was published May 1, 2022
Session fixation vulnerability in Plogger allows remote attackers to hijack web sessions by... High Unreviewed
CVE-2007-2277 was published May 1, 2022
Session fixation vulnerability in onelook courts on-line allows remote attackers to hijack web... High Unreviewed
CVE-2007-1953 was published May 1, 2022
Session fixation vulnerability in onelook onebyone CMS allows remote attackers to hijack web... High Unreviewed
CVE-2007-1952 was published May 1, 2022
Session fixation vulnerability in WebBlizzard CMS allows remote attackers to hijack web sessions... High Unreviewed
CVE-2007-1949 was published May 1, 2022
Session fixation vulnerability in onelook obo Shop allows remote attackers to hijack web sessions... High Unreviewed
CVE-2007-1951 was published May 1, 2022
Creative Guestbook 1.0 allows remote attackers to add an administrative account via a direct... High Unreviewed
CVE-2007-1480 was published May 1, 2022
webSPELL 4.0, and possibly later versions, allows remote attackers to bypass authentication via a... High Unreviewed
CVE-2007-1160 was published May 1, 2022
The Cisco Unified IP Conference Station 7935 3.2(15) and earlier, and Station 7936 3.3(12) and... High Unreviewed
CVE-2007-1062 was published May 1, 2022
T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication... High Unreviewed
CVE-2007-0435 was published May 1, 2022
Unspecified vulnerability in a cryptographic feature in MailEnable Standard Edition before 1.93,... High Unreviewed
CVE-2006-6997 was published May 1, 2022
logahead UNU 1.0 before 20061226 allows remote attackers to upload arbitrary files via... High Unreviewed
CVE-2006-6783 was published May 1, 2022
Unspecified vulnerability in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to... High Unreviewed
CVE-2006-5268 was published May 1, 2022
SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger... High Unreviewed
CVE-2006-4244 was published May 1, 2022
Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web... High Unreviewed
CVE-2006-3583 was published May 1, 2022
newsadmin.asp in Katy Whitton NewsCMSLite allows remote attackers to bypass authentication and... High Unreviewed
CVE-2006-2636 was published May 1, 2022
RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager,... High Unreviewed
CVE-2006-2369 was published May 1, 2022
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has... High Unreviewed
CVE-2006-0374 was published May 1, 2022
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass... High Unreviewed
CVE-2005-4861 was published May 1, 2022
SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to... High Unreviewed
CVE-2005-4006 was published May 1, 2022
mtnpeak.net File Upload Manager does not properly check user authentication for certain actions,... High Unreviewed
CVE-2005-1957 was published May 1, 2022
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of... High Unreviewed
CVE-2005-1020 was published May 1, 2022
acFTP 1.4 does not properly handle when an invalid password is provided by the user during... High Unreviewed
CVE-2002-2417 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database