GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,873 advisories
The Huawei D100 allows remote attackers to obtain sensitive information via a direct request to ...
High
Unreviewed
CVE-2009-2274 was published May 2, 2022
WebKit in Apple Safari before 4.0.3 does not properly restrict the URL scheme of the pluginspage...
High
Unreviewed
CVE-2009-2200 was published May 2, 2022
import_wbb1.php in Unclassified NewsBoard (UNB) 1.6.4 allows remote attackers to obtain sensitive...
High
Unreviewed
CVE-2009-1949 was published May 2, 2022
WebKit in Apple Safari before 4.0 allows user-assisted remote attackers to obtain sensitive...
High
Unreviewed
CVE-2009-1718 was published May 2, 2022
The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the...
High
Unreviewed
CVE-2009-1713 was published May 2, 2022
The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2...
High
Unreviewed
CVE-2009-1699 was published May 2, 2022
WebKit in Apple Safari before 4.0 does not prevent references to file: URLs within (1) audio and ...
High
Unreviewed
CVE-2009-1703 was published May 2, 2022
Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0...
High
Unreviewed
CVE-2009-1412 was published May 2, 2022
Microsoft Internet Explorer 5.01 SP4; 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for...
High
Unreviewed
CVE-2009-1140 was published May 2, 2022
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before...
High
Unreviewed
CVE-2009-0776 was published May 2, 2022
Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause...
High
Unreviewed
CVE-2009-0628 was published May 2, 2022
The Servlet Engine/Web Container and JSP components in IBM WebSphere Application Server (WAS) 5.1...
High
Unreviewed
CVE-2009-0508 was published May 2, 2022
Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS allows...
High
Unreviewed
CVE-2009-0391 was published May 2, 2022
Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to...
High
Unreviewed
CVE-2009-0123 was published May 2, 2022
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain...
High
Unreviewed
CVE-2008-4560 was published May 2, 2022
The Cisco Linksys WVC54GC wireless video camera before firmware 1.25 sends cleartext...
High
Unreviewed
CVE-2008-4390 was published May 2, 2022
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite...
High
Unreviewed
CVE-2008-4359 was published May 2, 2022
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is...
High
Unreviewed
CVE-2008-4360 was published May 2, 2022
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and...
High
Unreviewed
CVE-2008-4314 was published May 2, 2022
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors...
High
Unreviewed
CVE-2008-3914 was published May 2, 2022
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element,...
High
Unreviewed
CVE-2008-3078 was published May 1, 2022
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows...
High
Unreviewed
CVE-2008-3010 was published May 1, 2022
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3...
High
Unreviewed
CVE-2008-2736 was published May 1, 2022
Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec...
High
Unreviewed
CVE-2008-2246 was published May 1, 2022
ezRADIUS 0.1 stores sensitive information under the web root with insufficient access control,...
High
Unreviewed
CVE-2008-1752 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.