Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,768 advisories

Loading
Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information... Moderate Unreviewed
CVE-2002-1717 was published Apr 30, 2022
Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents... Moderate Unreviewed
CVE-2002-1718 was published Apr 30, 2022
MidiCart stores the midicart.mdb database file under the Web document root, which allows remote... Moderate Unreviewed
CVE-2002-1432 was published Apr 30, 2022
Apache Tomcat Source Code Disclosure Moderate
CVE-2002-1148 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on... Moderate Unreviewed
CVE-2002-0812 was published Apr 30, 2022
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web... Moderate Unreviewed
CVE-2002-0596 was published Apr 30, 2022
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive... Moderate Unreviewed
CVE-2002-0419 was published Apr 30, 2022
Apache Tomcat Reveals Path through Long URL Moderate
CVE-2001-0917 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Tomcat Allows Source Disclosure Moderate
CVE-2001-0590 was published for org.apache.tomcat:tomcat-servlet-api (Maven) Apr 30, 2022
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server... Moderate Unreviewed
CVE-2000-0876 was published Apr 30, 2022
Jakarta Apache Tomcat Reveals Physical Paths Moderate
CVE-2000-0759 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by... Moderate Unreviewed
CVE-2000-0588 was published Apr 30, 2022
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote... Moderate Unreviewed
CVE-1999-1462 was published Apr 30, 2022
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows... Moderate Unreviewed
CVE-1999-1136 was published Apr 30, 2022
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an... Moderate Unreviewed
CVE-1999-0877 was published Apr 30, 2022
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could... Moderate Unreviewed
CVE-1999-0606 was published Apr 30, 2022
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose... Moderate Unreviewed
CVE-1999-0605 was published Apr 30, 2022
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the... Moderate Unreviewed
CVE-1999-0453 was published Apr 30, 2022
IIS ASP caching problem releases sensitive information when two virtual servers share the same... Moderate Unreviewed
CVE-1999-0348 was published Apr 30, 2022
Webmail in Sun ONE Messaging Server 6.1 and iPlanet Messaging Server 5.2 before 5.2hf2.02 allows... Moderate Unreviewed
CVE-2004-2766 was published Apr 29, 2022
viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers... Moderate Unreviewed
CVE-2004-2748 was published Apr 29, 2022
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and... Moderate Unreviewed
CVE-2004-2320 was published Apr 29, 2022
Tiki CMS/Groupware (TikiWiki) 1.8.1 and earlier allows remote attackers to gain sensitive... Moderate Unreviewed
CVE-2004-1923 was published Apr 29, 2022
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!... Moderate Unreviewed
CVE-2004-1367 was published Apr 29, 2022
Mailman Sensitive Information Disclosure Moderate
CVE-2004-0412 was published for mailman (pip) Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database