Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,967 advisories

Loading
qiomkfile in the Quick I/O for Database feature in Symantec Veritas File System (VxFS) on HP-UX,... Moderate Unreviewed
CVE-2008-3248 was published May 1, 2022
The files utility in Empire Server before 4.3.15 discloses the world creation time, which makes... Moderate Unreviewed
CVE-2008-3168 was published May 1, 2022
Apple Safari sends Referer headers containing https URLs to different https web sites, which... Moderate Unreviewed
CVE-2008-3171 was published May 1, 2022
WeFi 3.2.1.4.1, when diagnostic mode is enabled, stores (1) WEP, (2) WPA, and (3) WPA2 access... Moderate Unreviewed
CVE-2008-3147 was published May 1, 2022
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers... Moderate Unreviewed
CVE-2008-3139 was published May 1, 2022
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0... Moderate Unreviewed
CVE-2008-3138 was published May 1, 2022
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0... Moderate Unreviewed
CVE-2008-3141 was published May 1, 2022
Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0... Moderate Unreviewed
CVE-2008-3114 was published May 1, 2022
The Organic Groups (OG) module 5.x before 5.x-7.3 and 6.x before 6.x-1.0-RC1, a module for Drupal... Moderate Unreviewed
CVE-2008-3094 was published May 1, 2022
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element,... High Unreviewed
CVE-2008-3078 was published May 1, 2022
V-webmail 1.5.0 allows remote attackers to obtain sensitive information via (1) malformed input... Moderate Unreviewed
CVE-2008-3060 was published May 1, 2022
The PDF Generator 2 (pdf_generator2) extension 0.5.0 and earlier for TYPO3 allows attackers to... Moderate Unreviewed
CVE-2008-3049 was published May 1, 2022
Unspecified vulnerability in the DAM Frontend (dam_frontend) extension 0.1.0 and earlier for... Moderate Unreviewed
CVE-2008-3040 was published May 1, 2022
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows... High Unreviewed
CVE-2008-3010 was published May 1, 2022
Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database,... Moderate Unreviewed
CVE-2008-2881 was published May 1, 2022
eLineStudio Site Composer (ESC) 2.6 and earlier allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2008-2864 was published May 1, 2022
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid ... Moderate Unreviewed
CVE-2008-2807 was published May 1, 2022
No-IP Dynamic Update Client (DUC) 2.2.1 on Windows uses weak permissions for the HKLM\SOFTWARE... Low Unreviewed
CVE-2008-2747 was published May 1, 2022
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3... High Unreviewed
CVE-2008-2736 was published May 1, 2022
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not... Moderate Unreviewed
CVE-2008-2729 was published May 1, 2022
embed.php in Menalto Gallery before 2.2.5 allows remote attackers to obtain the full path via... Moderate Unreviewed
CVE-2008-2723 was published May 1, 2022
Unspecified vulnerability in the album-select module in Menalto Gallery before 2.2.5 allows... Moderate Unreviewed
CVE-2008-2721 was published May 1, 2022
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images... Moderate Unreviewed
CVE-2008-2715 was published May 1, 2022
Realm CMS 2.3 and earlier allows remote attackers to obtain sensitive information via a direct... Moderate Unreviewed
CVE-2008-2681 was published May 1, 2022
The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command... Low Unreviewed
CVE-2008-2517 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database