GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,768 advisories

Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which...
Moderate | Unreviewed | CVE-2008-4207 was published May 2, 2022

Opera before 9.52 does not prevent use of links from web pages to feed source files on the local...
Moderate | Unreviewed | CVE-2008-4199 was published May 2, 2022

Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force...
Moderate | Unreviewed | CVE-2008-4180 was published May 2, 2022

IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control...
Moderate | Unreviewed | CVE-2008-4183 was published May 2, 2022

create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2008-4170 was published May 2, 2022

The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG,...
Moderate | Unreviewed | CVE-2008-4125 was published May 2, 2022

TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request...
Moderate | Unreviewed | CVE-2008-4115 was published May 2, 2022

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission...
Moderate | Unreviewed | CVE-2008-4113 was published May 2, 2022

The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote...
Moderate | Unreviewed | CVE-2008-4069 was published May 2, 2022

Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft...
Moderate | Unreviewed | CVE-2008-4033 was published May 2, 2022

Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet...
Moderate | Unreviewed | CVE-2008-4029 was published May 2, 2022

The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password...
Moderate | Unreviewed | CVE-2008-3857 was published May 2, 2022

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote...
Moderate | Unreviewed | CVE-2008-3651 was published May 2, 2022

The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain...
Moderate | Unreviewed | CVE-2008-3550 was published May 2, 2022

VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled...
Moderate | Unreviewed | CVE-2008-3514 was published May 2, 2022

Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of...
Moderate | Unreviewed | CVE-2008-3474 was published May 2, 2022

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access...
Moderate | Unreviewed | CVE-2008-3458 was published May 2, 2022

PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain...
Moderate | Unreviewed | CVE-2008-3451 was published May 2, 2022

XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request...
Moderate | Unreviewed | CVE-2008-3400 was published May 1, 2022

search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via...
Moderate | Unreviewed | CVE-2008-3339 was published May 1, 2022

Moodle 1.6.5, when display_errors is enabled, allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2008-3327 was published May 1, 2022

BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enable_cache...
Moderate | Unreviewed | CVE-2008-3304 was published May 1, 2022

EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified...
Moderate | Unreviewed | CVE-2008-3289 was published May 1, 2022

The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap://...
Moderate | Unreviewed | CVE-2008-3274 was published May 1, 2022

qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX,...
Moderate | Unreviewed | CVE-2008-3248 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.