GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,964 advisories
Unspecified vulnerability in MediaWiki 1.11 before 1.11.2 allows remote attackers to obtain...
Moderate | Unreviewed | CVE-2008-1318 was published May 1, 2022

ViewVC before 1.0.5 includes "all-forbidden" files within search results that list CVS or...
Moderate | Unreviewed | CVE-2008-1290 was published May 1, 2022

ViewVC before 1.0.5 stores sensitive information under the web root with insufficient access...
Moderate | Unreviewed | CVE-2008-1291 was published May 1, 2022

IBM Rational ClearQuest 7.0.1.1 and 7.0.0.2 might allow local or remote attackers to obtain...
Moderate | Unreviewed | CVE-2008-1288 was published May 1, 2022

ViewVC before 1.0.5 provides revision metadata without properly checking whether access was...
Moderate | Unreviewed | CVE-2008-1292 was published May 1, 2022

mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME...
Moderate | Unreviewed | CVE-2008-1270 was published May 1, 2022

b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote...
High | Unreviewed | CVE-2008-1252 was published May 1, 2022

Juniper Networks Secure Access 2000 5.5 R1 (build 11711) allows remote attackers to obtain...
Moderate | Unreviewed | CVE-2008-1181 was published May 1, 2022

Flyspray 0.9.9.4 generates different error messages depending on whether the username is valid or...
Moderate | Unreviewed | CVE-2008-1166 was published May 1, 2022

Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6,...
High | Unreviewed | CVE-2008-1155 was published May 1, 2022

OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 generates different responses depending...
Moderate | Unreviewed | CVE-2008-1135 was published May 1, 2022

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a...
Moderate | Unreviewed | CVE-2008-1111 was published May 1, 2022

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol ...
High | Unreviewed | CVE-2008-1113 was published May 1, 2022

Apple QuickTime before 7.4.5 does not properly handle external URLs in movies, which allows...
Moderate | Unreviewed | CVE-2008-1014 was published May 1, 2022

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when...
Low | Unreviewed | CVE-2008-1005 was published May 1, 2022

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which...
Low | Unreviewed | CVE-2008-0994 was published May 1, 2022

The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk...
Low | Unreviewed | CVE-2008-0996 was published May 1, 2022

The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF...
Low | Unreviewed | CVE-2008-0995 was published May 1, 2022

notifyd in Apple Mac OS X 10.4.11 does not verify that Mach port death notifications have...
Moderate | Unreviewed | CVE-2008-0990 was published May 1, 2022

Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in...
Low | Unreviewed | CVE-2008-0993 was published May 1, 2022

Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name...
Moderate | Unreviewed | CVE-2008-0978 was published May 1, 2022

Unspecified vulnerability in the dynamic tracing framework (DTrace) in Sun Solaris 10 allows...
Moderate | Unreviewed | CVE-2008-0938 was published May 1, 2022

Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2...
High | Unreviewed | CVE-2008-0904 was published May 1, 2022

BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force...
High | Unreviewed | CVE-2008-0901 was published May 1, 2022

BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security...
Moderate | Unreviewed | CVE-2008-0863 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API