Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,056
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,064 advisories

Loading
IBM Lenovo firmware 7CETB5WW 2.05 stores pre-boot authentication passwords in the BIOS Keyboard... Low Unreviewed
CVE-2008-3894 was published May 2, 2022
LILO 22.6.1 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and... Low Unreviewed
CVE-2008-3895 was published May 2, 2022
Microsoft Bitlocker in Windows Vista before SP1 stores pre-boot authentication passwords in the... Low Unreviewed
CVE-2008-3893 was published May 2, 2022
The SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication... Low Unreviewed
CVE-2008-3777 was published May 2, 2022
Apple Safari before 3.2 does not properly prevent caching of form data for form fields that have... Low Unreviewed
CVE-2008-3644 was published May 2, 2022
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by... Low Unreviewed
CVE-2008-3634 was published May 2, 2022
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in... Low Unreviewed
CVE-2008-3539 was published May 2, 2022
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound... Low Unreviewed
CVE-2008-3272 was published May 1, 2022
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration... Low Unreviewed
CVE-2008-3259 was published May 1, 2022
No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE... Low Unreviewed
CVE-2008-2747 was published May 1, 2022
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command... Low Unreviewed
CVE-2008-2517 was published May 1, 2022
Directory Services in Apple Mac OS X 10.5 through 10.5.4, when Active Directory is used, allows... Low Unreviewed
CVE-2008-2329 was published May 1, 2022
Microsoft Internet Explorer 7 can save encrypted pages in the cache even when the... Low Unreviewed
CVE-2008-2159 was published May 1, 2022
The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and... Low Unreviewed
CVE-2008-2101 was published May 1, 2022
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows... Low Unreviewed
CVE-2008-1924 was published May 1, 2022
The sso_util program in Single Sign-On in Apple Mac OS X before 10.5.3 places passwords on the... Low Unreviewed
CVE-2008-1578 was published May 1, 2022
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish... Low Unreviewed
CVE-2008-1567 was published May 1, 2022
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5... Low Unreviewed
CVE-2008-1330 was published May 1, 2022
WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when... Low Unreviewed
CVE-2008-1005 was published May 1, 2022
Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which... Low Unreviewed
CVE-2008-0994 was published May 1, 2022
The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk... Low Unreviewed
CVE-2008-0996 was published May 1, 2022
The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF... Low Unreviewed
CVE-2008-0995 was published May 1, 2022
Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in... Low Unreviewed
CVE-2008-0993 was published May 1, 2022
Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended... Low Unreviewed
CVE-2007-6744 was published May 1, 2022
The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password... Low Unreviewed
CVE-2007-6418 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database