Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,729 advisories

Loading
pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence... Low Unreviewed
CVE-2010-0750 was published May 2, 2022
The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat... Low Unreviewed
CVE-2010-0730 was published May 2, 2022
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5... Low Unreviewed
CVE-2010-0733 was published May 2, 2022
_layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with... Low Unreviewed
CVE-2010-0716 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6... Low Unreviewed
CVE-2010-0697 was published May 2, 2022
Cross-site scripting in Apache ActiveMQ Low
CVE-2010-0684 was published for org.apache.activemq:activemq-parent (Maven) May 2, 2022
sunSUNQ MarkLee131
Credited to sunSUNQ and MarkLee131
WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to... Low Unreviewed
CVE-2010-0650 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x,... Low Unreviewed
CVE-2010-0640 was published May 2, 2022
The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not... Low Unreviewed
CVE-2010-0622 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows... Low Unreviewed
CVE-2010-0606 was published May 2, 2022
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1... Low Unreviewed
CVE-2010-0547 was published May 2, 2022
Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete... Low Unreviewed
CVE-2010-0546 was published May 2, 2022
Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in... Low Unreviewed
CVE-2010-0530 was published May 2, 2022
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in... Low Unreviewed
CVE-2010-0537 was published May 2, 2022
Multiple cross-site scripting (XSS) vulnerabilities in staff/index.php in Kayako SupportSuite 3... Low Unreviewed
CVE-2010-0460 was published May 2, 2022
The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron)... Low Unreviewed
CVE-2010-0424 was published May 2, 2022
Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent... Low Unreviewed
CVE-2010-0384 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x-1.1 and earlier, and 6.x-1... Low Unreviewed
CVE-2010-0370 was published May 2, 2022
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for... Low Unreviewed
CVE-2010-0363 was published May 2, 2022
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and... Low Unreviewed
CVE-2010-0223 was published May 2, 2022
Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and... Low Unreviewed
CVE-2010-0221 was published May 2, 2022
BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured... Low Unreviewed
CVE-2010-0213 was published May 2, 2022
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses... Low Unreviewed
CVE-2010-0180 was published May 2, 2022
Puppet arbitrary files overwrite via a symlink attack Low
CVE-2010-0156 was published for puppet (RubyGems) May 2, 2022
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM... Low Unreviewed
CVE-2010-0155 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database