GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,846 advisories
Apple iTunes before 8.0 on Mac OS X 10.4.11, when iTunes Music Sharing is enabled but blocked by...
Severity: Low | Unreviewed | CVE-2008-3634 was published May 2, 2022
The CQWeb login page in IBM Rational ClearQuest 7.0.1 allows remote attackers to obtain...
Severity: Moderate | Unreviewed | CVE-2008-3550 was published May 2, 2022
Unspecified vulnerability in HP OpenView Select Identity (HPSI) Connectors on Windows, as used in...
Severity: Low | Unreviewed | CVE-2008-3539 was published May 2, 2022
VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled...
Severity: Moderate | Unreviewed | CVE-2008-3514 was published May 2, 2022
Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of...
Severity: Moderate | Unreviewed | CVE-2008-3474 was published May 2, 2022
Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access...
Severity: Moderate | Unreviewed | CVE-2008-3458 was published May 2, 2022
PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain...
Severity: Moderate | Unreviewed | CVE-2008-3451 was published May 2, 2022
XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request...
Severity: Moderate | Unreviewed | CVE-2008-3400 was published May 1, 2022
search_result.cfm in Jobbex JobSite allows remote attackers to obtain sensitive information via...
Severity: Moderate | Unreviewed | CVE-2008-3339 was published May 1, 2022
Moodle 1.6.5, when display_errors is enabled, allows remote attackers to obtain sensitive...
Severity: Moderate | Unreviewed | CVE-2008-3327 was published May 1, 2022
BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via (1) an enable_cache...
Severity: Moderate | Unreviewed | CVE-2008-3304 was published May 1, 2022
EMC Dantz Retrospect Backup Client 7.5.116 sends the password hash in cleartext at an unspecified...
Severity: Moderate | Unreviewed | CVE-2008-3289 was published May 1, 2022
The default configuration of Red Hat Enterprise IPA 1.0.0 and FreeIPA before 1.1.1 places ldap://...
Severity: Moderate | Unreviewed | CVE-2008-3274 was published May 1, 2022
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound...
Severity: Low | Unreviewed | CVE-2008-3272 was published May 1, 2022
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration...
Severity: Low | Unreviewed | CVE-2008-3259 was published May 1, 2022
qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX,...
Severity: Moderate | Unreviewed | CVE-2008-3248 was published May 1, 2022
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes...
Severity: Moderate | Unreviewed | CVE-2008-3168 was published May 1, 2022
Apple Safari sends Referer headers containing https URLs to different https web sites, which...
Severity: Moderate | Unreviewed | CVE-2008-3171 was published May 1, 2022
WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access...
Severity: Moderate | Unreviewed | CVE-2008-3147 was published May 1, 2022
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers...
Severity: Moderate | Unreviewed | CVE-2008-3139 was published May 1, 2022
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0...
Severity: Moderate | Unreviewed | CVE-2008-3138 was published May 1, 2022
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0...
Severity: Moderate | Unreviewed | CVE-2008-3141 was published May 1, 2022
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0...
Severity: Moderate | Unreviewed | CVE-2008-3114 was published May 1, 2022
The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal...
Severity: Moderate | Unreviewed | CVE-2008-3094 was published May 1, 2022
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element,...
Severity: High | Unreviewed | CVE-2008-3078 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.