Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,966 advisories

Loading
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and... High Unreviewed
CVE-2008-4314 was published May 2, 2022
Apache Tomcat information disclosure vulnerability Low
CVE-2008-4308 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in... Low Unreviewed
CVE-2008-4278 was published May 2, 2022
The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1... Low Unreviewed
CVE-2008-4230 was published May 2, 2022
The plug-in interface in WebKit in Apple Safari before 3.2 does not prevent plug-ins from... Moderate Unreviewed
CVE-2008-4216 was published May 2, 2022
Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which... Moderate Unreviewed
CVE-2008-4207 was published May 2, 2022
Opera before 9.52 does not prevent use of links from web pages to feed source files on the local... Moderate Unreviewed
CVE-2008-4199 was published May 2, 2022
Unspecified vulnerability in db.php in NooMS 1.1 allows remote attackers to conduct brute force... Moderate Unreviewed
CVE-2008-4180 was published May 2, 2022
IntegraMOD 1.4.x stores sensitive information under the web root with insufficient access control... Moderate Unreviewed
CVE-2008-4183 was published May 2, 2022
cron.php in MemHT Portal 3.9.0 and earlier allows remote attackers to obtain sensitive... Low Unreviewed
CVE-2008-4164 was published May 2, 2022
create_account.php in osCommerce 2.2 RC 2a allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2008-4170 was published May 2, 2022
The search function in phpBB 2.x provides a search_id value that leaks the state of PHP's PRNG,... Moderate Unreviewed
CVE-2008-4125 was published May 2, 2022
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request... Moderate Unreviewed
CVE-2008-4115 was published May 2, 2022
The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission... Moderate Unreviewed
CVE-2008-4113 was published May 2, 2022
The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote... Moderate Unreviewed
CVE-2008-4069 was published May 2, 2022
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft... Moderate Unreviewed
CVE-2008-4033 was published May 2, 2022
Cross-domain vulnerability in Microsoft XML Core Services 3.0 and 4.0, as used in Internet... Moderate Unreviewed
CVE-2008-4029 was published May 2, 2022
The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain configurations, uses... Low Unreviewed
CVE-2008-3962 was published May 2, 2022
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors... High Unreviewed
CVE-2008-3914 was published May 2, 2022
Intel firmware PE94510M.86A.0050.2007.0710.1559 stores pre-boot authentication passwords in the... Low Unreviewed
CVE-2008-3900 was published May 2, 2022
Software suspend 2 2-2.2.1, when used with the Linux kernel 2.6.16, stores pre-boot... Low Unreviewed
CVE-2008-3901 was published May 2, 2022
HP firmware 68DTT F.0D stores pre-boot authentication passwords in the BIOS Keyboard buffer and... Low Unreviewed
CVE-2008-3902 was published May 2, 2022
Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8;... Low Unreviewed
CVE-2008-3903 was published May 2, 2022
DiskCryptor 0.2.6 on Windows stores pre-boot authentication passwords in the BIOS Keyboard buffer... Low Unreviewed
CVE-2008-3897 was published May 2, 2022
TrueCrypt 5.0 stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not... Low Unreviewed
CVE-2008-3899 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database