Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,964 advisories

Loading
Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on... Moderate Unreviewed
CVE-2002-0812 was published Apr 30, 2022
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web... Moderate Unreviewed
CVE-2002-0596 was published Apr 30, 2022
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive... Moderate Unreviewed
CVE-2002-0419 was published Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP... Low Unreviewed
CVE-2002-0422 was published Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "... Low Unreviewed
CVE-2001-1387 was published Apr 30, 2022
Apache Tomcat Reveals Path through Long URL Moderate
CVE-2001-0917 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Tomcat Allows Source Disclosure Moderate
CVE-2001-0590 was published for org.apache.tomcat:tomcat-servlet-api (Maven) Apr 30, 2022
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server... Moderate Unreviewed
CVE-2000-0876 was published Apr 30, 2022
Jakarta Apache Tomcat Reveals Physical Paths Moderate
CVE-2000-0759 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0... Low Unreviewed
CVE-2000-0649 was published Apr 30, 2022
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by... Moderate Unreviewed
CVE-2000-0588 was published Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain... Low Unreviewed
CVE-2000-0368 was published Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the... Low Unreviewed
CVE-2000-0132 was published Apr 30, 2022
Vulnerability in bb-hist.sh CGI History module in Big Brother 1.09b and 1.09c allows remote... Moderate Unreviewed
CVE-1999-1462 was published Apr 30, 2022
Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows... Moderate Unreviewed
CVE-1999-1136 was published Apr 30, 2022
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an... Moderate Unreviewed
CVE-1999-0877 was published Apr 30, 2022
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could... Moderate Unreviewed
CVE-1999-0606 was published Apr 30, 2022
An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose... Moderate Unreviewed
CVE-1999-0605 was published Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. Low Unreviewed
CVE-1999-0524 was published Apr 30, 2022
An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the... Moderate Unreviewed
CVE-1999-0453 was published Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot... Low Unreviewed
CVE-1999-0372 was published Apr 30, 2022
IIS ASP caching problem releases sensitive information when two virtual servers share the same... Moderate Unreviewed
CVE-1999-0348 was published Apr 30, 2022
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. High Unreviewed
CVE-1999-0236 was published Apr 30, 2022
IRIX fam service allows an attacker to obtain a list of all files on the server. High Unreviewed
CVE-1999-0059 was published Apr 30, 2022
A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key... High Unreviewed
CVE-2018-10911 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database