Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,969 advisories

Loading
ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root,... Moderate Unreviewed
CVE-2010-0004 was published May 2, 2022
Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by... Moderate Unreviewed
CVE-2010-0009 was published May 2, 2022
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the... Moderate Unreviewed
CVE-2010-0003 was published May 2, 2022
The Personal Email Manager component in Websense Email Security before 7.2 allows remote... Moderate Unreviewed
CVE-2009-5122 was published May 2, 2022
The Web Post Protection feature in McAfee Host Data Loss Prevention (DLP) 3.x before 3.0.100.10... Low Unreviewed
CVE-2009-5117 was published May 2, 2022
wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to obtain the installation... Moderate Unreviewed
CVE-2009-5112 was published May 2, 2022
Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages... Low Unreviewed
CVE-2009-5100 was published May 2, 2022
Pentaho BI Server 1.7.0.1062 and earlier includes the session ID (JSESSIONID) in the URL, which... Moderate Unreviewed
CVE-2009-5101 was published May 2, 2022
The Nokia client in IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle multiple... Moderate Unreviewed
CVE-2009-5035 was published May 2, 2022
IBM Lotus Notes Traveler before 8.5.0.2 does not properly handle a "* *" argument sequence for a... Moderate Unreviewed
CVE-2009-5033 was published May 2, 2022
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request... Moderate Unreviewed
CVE-2009-4961 was published May 2, 2022
Unspecified vulnerability in the ClickStream Analyzer [output] (alternet_csa_out) extension 0.3.0... Moderate Unreviewed
CVE-2009-4951 was published May 2, 2022
index.php in AdPeeps 8.5d1 allows remote attackers to obtain sensitive information via (1) a... Moderate Unreviewed
CVE-2009-4943 was published May 2, 2022
ToutVirtual VirtualIQ Pro 3.2 build 7882 does not restrict access to the /status URI on port 9080... Moderate Unreviewed
CVE-2009-4844 was published May 2, 2022
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a... Moderate Unreviewed
CVE-2009-4812 was published May 2, 2022
Mozilla Necko, as used in Firefox, SeaMonkey, and other applications, performs DNS prefetching of... Moderate Unreviewed
CVE-2009-4630 was published May 2, 2022
Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS... Moderate Unreviewed
CVE-2009-4629 was published May 2, 2022
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2009-4609 was published May 2, 2022
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by... Moderate Unreviewed
CVE-2009-4535 was published May 2, 2022
The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not... Moderate Unreviewed
CVE-2009-4533 was published May 2, 2022
Mongoose 2.8.0 and earlier allows remote attackers to obtain the source code for a web page by... Moderate Unreviewed
CVE-2009-4530 was published May 2, 2022
httpdx 1.4.4 and earlier allows remote attackers to obtain the source code for a web page by... Moderate Unreviewed
CVE-2009-4531 was published May 2, 2022
InterVations NaviCOPA Web Server 3.0.1.2 and earlier allows remote attackers to obtain the source... Moderate Unreviewed
CVE-2009-4529 was published May 2, 2022
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG... Moderate Unreviewed
CVE-2009-4511 was published May 2, 2022
DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a crafted page parameter... Moderate Unreviewed
CVE-2009-4466 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database