GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,424

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,768 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Apache Derby exposes user and password attributes Moderate

CVE-2005-4849 was published for org.apache.derby:derby (Maven) May 1, 2022

Apache Tomcat Discloses MS-DOS Pathname Moderate

CVE-2005-4703 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

roundcube webmail Alpha, with a default high verbose level ($rcmail_config['debug_level'] = 1),... Moderate Unreviewed

CVE-2005-4368 was published May 1, 2022

Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the... Moderate Unreviewed

CVE-2005-4320 was published May 1, 2022

phpCOIN 1.2.2 allows remote attackers to obtain the installation path via a direct request to... Moderate Unreviewed

CVE-2005-4214 was published May 1, 2022

Mortbay Jetty Discloses JSP Source Code Moderate

CVE-2005-3747 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022

Zyxel P2000W Version 1 VOIP WIFI Phone Wj.00.10 allows remote attackers to obtain sensitive... Moderate Unreviewed

CVE-2005-3724 was published May 1, 2022

phpAdsNew and phpPgAds 2.0.6 and possibly earlier versions allows remote attackers to obtain the... Moderate Unreviewed

CVE-2005-3645 was published May 1, 2022

tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the... Moderate Unreviewed

CVE-2005-3529 was published May 1, 2022

IBM WebSphere Application Server 5.0.x before 5.02.15, 5.1.x before 5.1.1.8, and 6.x before... Moderate Unreviewed

CVE-2005-3498 was published May 1, 2022

The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8... Moderate Unreviewed

CVE-2005-3398 was published May 1, 2022

** DISPUTED ** JavaMail API 1.1.3 through 1.3, as used by Apache Tomcat 5.0.16, allows remote... Moderate Unreviewed

CVE-2005-1754 was published May 1, 2022

PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed

CVE-2005-1028 was published May 1, 2022

Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not,... Moderate Unreviewed

CVE-2005-0797 was published May 1, 2022

The Cascading Style Sheets (CSS) implementation in Mozilla Firefox before 4.0, Thunderbird before... Moderate Unreviewed

CVE-2002-2436 was published Apr 30, 2022

The Cascading Style Sheets (CSS) implementation in Microsoft Internet Explorer 8.0 and earlier... Moderate Unreviewed

CVE-2002-2435 was published Apr 30, 2022

openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and... Moderate Unreviewed

CVE-2002-2410 was published Apr 30, 2022

Perception LiteServe 2.0 allows remote attackers to read password protected files via a leading "... Moderate Unreviewed

CVE-2002-2369 was published Apr 30, 2022

NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain... Moderate Unreviewed

CVE-2002-2380 was published Apr 30, 2022

phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to... Moderate Unreviewed

CVE-2002-2349 was published Apr 30, 2022

phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address... Moderate Unreviewed

CVE-2002-2346 was published Apr 30, 2022

Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data... Moderate Unreviewed

CVE-2002-2342 was published Apr 30, 2022

Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an... Moderate Unreviewed

CVE-2002-2288 was published Apr 30, 2022

soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain... Moderate Unreviewed

CVE-2002-2289 was published Apr 30, 2022

Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message... Moderate Unreviewed

CVE-2002-2276 was published Apr 30, 2022

Previous 1…259…271 Next

Previous 1 2 … 257 258 259 260 261 … 270 271 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,768 advisories