GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,516 advisories
The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in...
High | Unreviewed | CVE-2008-3703 was published May 2, 2022

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain...
High | Unreviewed | CVE-2008-4721 was published May 17, 2022

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold...
High | Unreviewed | CVE-2008-4037 was published May 2, 2022

login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain...
High | Unreviewed | CVE-2008-6581 was published May 17, 2022

myPhile 1.2.1 allows remote attackers to bypass authentication via an empty password. NOTE: some...
High | Unreviewed | CVE-2009-4095 was published May 2, 2022

VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and...
High | Unreviewed | CVE-2009-3027 was published May 2, 2022

Joomla CMS Multi-Factor Authentication Bypass
High | CVE-2025-25227 was published for joomla/joomla-cms (Composer) Apr 8, 2025

Saltstack Salt Unauthenticated Arbitrary Code Execution
High | CVE-2021-25315 was published for salt (pip) May 24, 2022

The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control...
High | Unreviewed | CVE-2022-47976 was published Jan 6, 2023

There is a difficult to exploit improper authentication issue in the Home application for Esri...
High | Unreviewed | CVE-2024-25699 was published Apr 4, 2024

Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass...
High | Unreviewed | CVE-2009-4830 was published May 2, 2022

The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build...
High | Unreviewed | CVE-2010-0833 was published May 2, 2022

Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and...
High | Unreviewed | CVE-2010-4332 was published May 14, 2022

Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication...
High | Unreviewed | CVE-2010-4333 was published May 14, 2022

The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the...
High | Unreviewed | CVE-2010-4279 was published May 14, 2022

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters...
High | Unreviewed | CVE-2010-4478 was published May 17, 2022

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and...
High | Unreviewed | CVE-2011-4051 was published May 17, 2022

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite...
High | Unreviewed | CVE-2011-3478 was published May 14, 2022

Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable...
High | Unreviewed | CVE-2011-4644 was published May 17, 2022

AjaXplorer 3.2.x before 3.2.5 and 4.0.x before 4.0.4 does not properly perform cookie...
High | Unreviewed | CVE-2012-1840 was published May 14, 2022

Apache Qpid 0.12 does not properly verify credentials during the joining of a cluster, which...
High | Unreviewed | CVE-2011-3620 was published May 17, 2022

hagent.exe in Wyse Device Manager (WDM) 4.7.x does not require authentication for commands, which...
High | Unreviewed | CVE-2009-0695 was published May 2, 2022

The Xelex MobileTrack application 2.3.7 and earlier for Android does not verify the origin of SMS...
High | Unreviewed | CVE-2012-2562 was published May 17, 2022

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through...
High | Unreviewed | CVE-2012-5975 was published May 17, 2022

The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does...
High | Unreviewed | CVE-2013-1080 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.