Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

8,842 advisories

Loading
Unspecified vulnerability in LifeType before 1.1.6, and 1.2 before 1.2-beta2, allows remote... Moderate Unreviewed
CVE-2007-0979 was published May 1, 2022
Ezboxx Portal System Beta 0.7.6 and earlier allows remote attackers to obtain sensitive... High Unreviewed
CVE-2007-0259 was published May 1, 2022
Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access... High Unreviewed
CVE-2007-0058 was published May 1, 2022
Interpretation conflict in ASP.NET in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000... High Unreviewed
CVE-2007-0042 was published May 1, 2022
The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before... Moderate Unreviewed
CVE-2007-0011 was published May 1, 2022
The (1) dlback.php and (2) dlback.cgi scripts in Hot Links allow remote attackers to obtain... Moderate Unreviewed
CVE-2006-7086 was published May 1, 2022
install/loader_help.php in Headstart Solutions DeskPRO allows remote attackers to obtain... Moderate Unreviewed
CVE-2006-6998 was published May 1, 2022
attachment.php in Headstart Solutions DeskPRO allows remote attackers to read all uploaded files... Moderate Unreviewed
CVE-2006-6999 was published May 1, 2022
The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key... Low Unreviewed
CVE-2006-6953 was published May 1, 2022
phpwcms 1.2.5-DEV allows remote attackers to obtain sensitive information via a direct request... Moderate Unreviewed
CVE-2006-6886 was published May 1, 2022
modules/viewcategory.php in Minh Nguyen Duong Obie Website Mini Web Shop 2.1.c allows remote... Moderate Unreviewed
CVE-2006-6735 was published May 1, 2022
The Servlet Engine and Web Container in IBM WebSphere Application Server (WAS) before 6.0.2.17,... Moderate Unreviewed
CVE-2006-6637 was published May 1, 2022
tiki-wiki_rss.php in Tikiwiki 1.9.5, 1.9.2, and possibly other versions allows remote attackers... Moderate Unreviewed
CVE-2006-6457 was published May 1, 2022
Adobe ColdFusion MX 7 through 7.0.2, and JRun 4, when run on Microsoft IIS, allows remote... Moderate Unreviewed
CVE-2006-5858 was published May 1, 2022
The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of... Moderate Unreviewed
CVE-2006-5725 was published May 1, 2022
Tikiwiki 1.9.5 allows remote attackers to obtain sensitive information (MySQL username and... Moderate Unreviewed
CVE-2006-5702 was published May 1, 2022
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under... Low Unreviewed
CVE-2006-5229 was published May 1, 2022
muforum (µforum) 0.4c stores membres/members.dat under the web document root with insufficient... Moderate Unreviewed
CVE-2006-4595 was published May 1, 2022
IBM WebSphere Application Server (WAS) before 6.0.2.13 allows context-dependent attackers to... Moderate Unreviewed
CVE-2006-4223 was published May 1, 2022
Multiple unspecified vulnerabilities in IBM WebSphere Application Server before 6.1.0.1 have... High Unreviewed
CVE-2006-4136 was published May 1, 2022
The do_gameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does... Moderate Unreviewed
CVE-2006-4006 was published May 1, 2022
BT Voyager 2091 Wireless firmware 2.21.05.08m_A2pB018c1.d16d and earlier, and 3.01m and earlier,... Moderate Unreviewed
CVE-2006-3561 was published May 1, 2022
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter... Low Unreviewed
CVE-2006-3365 was published May 1, 2022
Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2006-2950 was published May 1, 2022
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a... Moderate Unreviewed
CVE-2006-2900 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database