GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,969 advisories
CQWeb (aka the web interface) in IBM Rational ClearQuest before 7.1.1 does not properly handle...
Moderate | Unreviewed | CVE-2009-4357 was published May 2, 2022
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information...
Moderate | Unreviewed | CVE-2009-4322 was published May 2, 2022
Multiple unspecified authentication plugins in Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7...
Moderate | Unreviewed | CVE-2009-4300 was published May 2, 2022
Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores (1) password hashes and (2) unspecified ...
Moderate | Unreviewed | CVE-2009-4303 was published May 2, 2022
The LAMS module (mod/lams) for Moodle 1.8 before 1.8.11 and 1.9 before 1.9.7 stores the (1)...
Moderate | Unreviewed | CVE-2009-4298 was published May 2, 2022
PowerPhlogger 2.2.5 allows remote attackers to obtain sensitive information via a direct request...
Moderate | Unreviewed | CVE-2009-4254 was published May 2, 2022
The process function in data/class/pages/admin/customer/LC_Page_Admin_Customer_SearchCustomer.php...
Moderate | Unreviewed | CVE-2009-4236 was published May 2, 2022
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2009-4175 was published May 2, 2022
WP-Cumulus Plug-in 1.20 for WordPress, and possibly other versions, allows remote attackers to...
Moderate | Unreviewed | CVE-2009-4170 was published May 2, 2022
TYPO3 Simple Download-System with Counter and Categories Vulnerable to Information Disclosure
Moderate | CVE-2009-4160 was published for jweiland/kk-downloader (Composer) May 2, 2022
nm-connection-editor in NetworkManager (NM) 0.7.x exports connection objects over D-Bus upon...
Low | Unreviewed | CVE-2009-4145 was published May 2, 2022
The install wizard in DotNetNuke 4.0 through 5.1.4 does not prevent anonymous users from...
Moderate | Unreviewed | CVE-2009-4109 was published May 2, 2022
The printing functionality in Microsoft Internet Explorer 8 allows remote attackers to discover a...
Moderate | Unreviewed | CVE-2009-4073 was published May 2, 2022
The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and...
High | Unreviewed | CVE-2009-3987 was published May 2, 2022
Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0...
High | Unreviewed | CVE-2009-3951 was published May 2, 2022
Joomla! before 1.5.15 allows remote attackers to read an extension's XML file, and thereby obtain...
Moderate | Unreviewed | CVE-2009-3946 was published May 2, 2022
Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the...
High | Unreviewed | CVE-2009-3883 was published May 2, 2022
Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the...
High | Unreviewed | CVE-2009-3881 was published May 2, 2022
Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update...
High | Unreviewed | CVE-2009-3882 was published May 2, 2022
RunCMS 2M1, when running with certain error_reporting levels, allows remote attackers to obtain...
Moderate | Unreviewed | CVE-2009-3815 was published May 2, 2022
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote...
Low | Unreviewed | CVE-2009-3782 was published May 2, 2022
phpBMS 0.96 allows remote attackers to obtain sensitive information via a direct request to (1)...
Moderate | Unreviewed | CVE-2009-3756 was published May 2, 2022
Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6...
Moderate | Unreviewed | CVE-2009-3727 was published May 2, 2022
InterVations NaviCOPA Web Server 3.01 allows remote attackers to obtain the source code for a web...
Moderate | Unreviewed | CVE-2009-3646 was published May 2, 2022
TYPO3 Backend Discloses Encryption Key
Moderate | CVE-2009-3628 was published for typo3/cms-backend (Composer) May 2, 2022