Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,516 advisories

Loading
ECP SAML binding bypasses authentication flows High
CVE-2021-3827 was published for org.keycloak:keycloak-saml-core (Maven) Apr 27, 2022
IBM QRadar 7.3, 7.4, and 7.5 could allow a malicious actor to impersonate an actor due to key... High Unreviewed
CVE-2021-38878 was published Apr 28, 2022
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and... High Unreviewed
CVE-2003-0216 was published Apr 29, 2022
Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door... High Unreviewed
CVE-2003-1343 was published Apr 29, 2022
The web administration page for the Ericsson HM220dp ADSL modem does not require authentication,... High Unreviewed
CVE-2003-1442 was published Apr 29, 2022
TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with... High Unreviewed
CVE-2003-1574 was published Apr 29, 2022
The default installation of Cisco voice products, when running the IBM Director Agent on IBM... High Unreviewed
CVE-2004-1760 was published Apr 29, 2022
Session fixation vulnerability in Macromedia JRun 4.0 allows remote attackers to hijack user... High Unreviewed
CVE-2004-2182 was published Apr 29, 2022
edituser.php3 in PHPMyChat 0.14.5 allow remote attackers to bypass authentication and gain... High Unreviewed
CVE-2004-2715 was published Apr 29, 2022
LionMax Software Chat Anywhere 2.72a allows remote attackers to cause a denial of service (server... High Unreviewed
CVE-2004-2724 was published Apr 29, 2022
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with... High Unreviewed
CVE-2004-2734 was published Apr 29, 2022
USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector... High Unreviewed
CVE-2022-29934 was published Apr 30, 2022
In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank... High Unreviewed
CVE-1999-0366 was published Apr 30, 2022
Windows NT does not properly download a system policy if the domain user logs into the domain... High Unreviewed
CVE-1999-0987 was published Apr 30, 2022
Zope DTML implementation Improper Authentication High
CVE-2000-0062 was published for zope (pip) Apr 30, 2022
Zope does not properly perform security registration for legacy names High
CVE-2000-1211 was published for zope (pip) Apr 30, 2022
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute... High Unreviewed
CVE-2001-0537 was published Apr 30, 2022
Unspecified vulnerability in the bind function in config.inc of aldap 0.09 allows remote... High Unreviewed
CVE-2002-2279 was published Apr 30, 2022
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed ... High Unreviewed
CVE-2002-2397 was published Apr 30, 2022
acFTP 1.4 does not properly handle when an invalid password is provided by the user during... High Unreviewed
CVE-2002-2417 was published Apr 30, 2022
Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of... High Unreviewed
CVE-2005-1020 was published May 1, 2022
mtnpeak.net File Upload Manager does not properly check user authentication for certain actions,... High Unreviewed
CVE-2005-1957 was published May 1, 2022
SAPID CMS before 1.2.3.03 allows remote attackers to bypass authentication via direct requests to... High Unreviewed
CVE-2005-4006 was published May 1, 2022
functions.php in Ragnarok Online Control Panel (ROCP) 4.3.4a allows remote attackers to bypass... High Unreviewed
CVE-2005-4861 was published May 1, 2022
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 has... High Unreviewed
CVE-2006-0374 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database