GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,442

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,768 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Apache Tomcat treats single quotes as delimiters in cookies Moderate

CVE-2007-3382 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox... Moderate Unreviewed

CVE-2007-3074 was published May 1, 2022

PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a... Moderate Unreviewed

CVE-2007-2780 was published May 1, 2022

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to... Moderate Unreviewed

CVE-2007-2768 was published May 1, 2022

The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain... Moderate Unreviewed

CVE-2007-2748 was published May 1, 2022

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell... Moderate Unreviewed

CVE-2007-2590 was published May 1, 2022

The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to... Moderate Unreviewed

CVE-2007-2552 was published May 1, 2022

QuickTime for Java in Apple Quicktime before 7.2 does not perform sufficient "access control,"... Moderate Unreviewed

CVE-2007-2402 was published May 1, 2022

The jQuery framework exchanges data using JavaScript Object Notation (JSON) without an associated... Moderate Unreviewed

CVE-2007-2379 was published May 1, 2022

Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non... Moderate Unreviewed

CVE-2007-2353 was published May 1, 2022

Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain path information via a... Moderate Unreviewed

CVE-2007-2253 was published May 1, 2022

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to... Moderate Unreviewed

CVE-2007-1563 was published May 1, 2022

The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to... Moderate Unreviewed

CVE-2007-1564 was published May 1, 2022

The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows... Moderate Unreviewed

CVE-2007-1562 was published May 1, 2022

sitex allows remote attackers to obtain potentially sensitive information via a ' (quote) value... Moderate Unreviewed

CVE-2007-1237 was published May 1, 2022

inc/filebrowser/browser.php in deV!L`z Clanportal (DZCP) 1.4.5 and earlier allows remote... Moderate Unreviewed

CVE-2007-1167 was published May 1, 2022

The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can... Moderate Unreviewed

CVE-2007-1116 was published May 1, 2022

Pearson Education PowerSchool 4.3.6 allows remote attackers to list the contents of the admin... Moderate Unreviewed

CVE-2007-1044 was published May 1, 2022

Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote... Moderate Unreviewed

CVE-2007-0979 was published May 1, 2022

The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before... Moderate Unreviewed

CVE-2007-0011 was published May 1, 2022

The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain... Moderate Unreviewed

CVE-2006-7086 was published May 1, 2022

install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain... Moderate Unreviewed

CVE-2006-6998 was published May 1, 2022

attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files... Moderate Unreviewed

CVE-2006-6999 was published May 1, 2022

phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive information via a direct request... Moderate Unreviewed

CVE-2006-6886 was published May 1, 2022

modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote... Moderate Unreviewed

CVE-2006-6735 was published May 1, 2022

Previous 1…257…271 Next

Previous 1 2 … 255 256 257 258 259 … 270 271 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,768 advisories