GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
5,210 advisories
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier,...
Moderate | Unreviewed | CVE-2002-2338 was published Apr 30, 2022

Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient...
Moderate | Unreviewed | CVE-2002-2322 was published Apr 30, 2022

Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL...
Moderate | Unreviewed | CVE-2002-2314 was published Apr 30, 2022

tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a...
Moderate | Unreviewed | CVE-2002-2237 was published Apr 30, 2022

MailScanner before 4.0 5-1 and before 3.2 6-1 allows remote attackers to bypass protection via...
Moderate | Unreviewed | CVE-2002-2228 was published Apr 30, 2022

The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers...
Moderate | Unreviewed | CVE-2002-1663 was published Apr 30, 2022

The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a...
Moderate | Unreviewed | CVE-2002-1175 was published Apr 30, 2022

Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote...
Moderate | Unreviewed | CVE-2001-0748 was published Apr 30, 2022

Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty...
Moderate | Unreviewed | CVE-2001-0566 was published Apr 30, 2022

Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft...
Moderate | Unreviewed | CVE-2001-0509 was published Apr 30, 2022

Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed...
Moderate | Unreviewed | CVE-1999-0999 was published Apr 30, 2022

Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Moderate | Unreviewed | CVE-1999-0867 was published Apr 30, 2022

ICMP redirect messages may crash or lock up a host.
Moderate | Unreviewed | CVE-1999-0265 was published Apr 30, 2022

ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-1999-0001 was published Apr 30, 2022

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux...
Moderate | Unreviewed | CVE-2019-3460 was published Apr 30, 2022

Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to...
Moderate | Unreviewed | CVE-2004-2706 was published Apr 29, 2022

Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting...
Moderate | Unreviewed | CVE-2004-2649 was published Apr 29, 2022

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2004-2596 was published Apr 29, 2022

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2004-2592 was published Apr 29, 2022

Serv-U FTP Server 4.1 (possibly 4.0) allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2004-2533 was published Apr 29, 2022

A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to...
Moderate | Unreviewed | CVE-2004-1777 was published Apr 29, 2022

Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application...
Moderate | Unreviewed | CVE-2004-1675 was published Apr 29, 2022

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2004-1617 was published Apr 29, 2022

The get_real_string function in Monkey HTTP Daemon (monkeyd) 0.8.1 and earlier allows remote...
Moderate | Unreviewed | CVE-2004-0276 was published Apr 29, 2022

Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a...
Moderate | Unreviewed | CVE-2004-0244 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API.