GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
8,842 advisories
Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!...
Moderate, Unreviewed. CVE-2004-1367 was published Apr 29, 2022

ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid...
Moderate, Unreviewed. CVE-2003-1555 was published Apr 29, 2022

The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the...
Moderate, Unreviewed. CVE-2003-1567 was published Apr 29, 2022

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers...
Moderate, Unreviewed. CVE-2003-1559 was published Apr 29, 2022

Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which...
Moderate, Unreviewed. CVE-2003-1560 was published Apr 29, 2022

Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:...
Moderate, Unreviewed. CVE-2003-1561 was published Apr 29, 2022

XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information...
Moderate, Unreviewed. CVE-2003-1550 was published Apr 29, 2022

Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under...
Moderate, Unreviewed. CVE-2003-1553 was published Apr 29, 2022

MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an...
Moderate, Unreviewed. CVE-2003-1548 was published Apr 29, 2022

WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control...
Moderate, Unreviewed. CVE-2003-1540 was published Apr 29, 2022

PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such...
Moderate, Unreviewed. CVE-2003-1526 was published Apr 29, 2022

Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct...
Moderate, Unreviewed. CVE-2003-1535 was published Apr 29, 2022

cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an...
Moderate, Unreviewed. CVE-2003-1517 was published Apr 29, 2022

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an...
Moderate, Unreviewed. CVE-2003-1486 was published Apr 29, 2022

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option...
Moderate, Unreviewed. CVE-2003-1469 was published Apr 29, 2022

CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request...
Moderate, Unreviewed. CVE-2003-1481 was published Apr 29, 2022

The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full...
Moderate, Unreviewed. CVE-2003-1468 was published Apr 29, 2022

Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive...
Moderate, Unreviewed. CVE-2003-1418 was published Apr 29, 2022

TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with...
Moderate, Unreviewed. CVE-2003-1409 was published Apr 29, 2022

Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages,...
High, Unreviewed. CVE-2003-1398 was published Apr 29, 2022

Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an...
Moderate, Unreviewed. CVE-2003-1408 was published Apr 29, 2022

DotBr 0.1 stores config.inc with insufficient access control under the web document root, which...
High, Unreviewed. CVE-2003-1404 was published Apr 29, 2022

clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information...
Moderate, Unreviewed. CVE-2003-1379 was published Apr 29, 2022

chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a...
Low, Unreviewed. CVE-2003-1366 was published Apr 29, 2022

Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication,...
Moderate, Unreviewed. CVE-2003-0904 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API