GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
9,964 advisories
Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2003-1418 was published Apr 29, 2022
TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with...
Moderate | Unreviewed | CVE-2003-1409 was published Apr 29, 2022
Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages,...
High | Unreviewed | CVE-2003-1398 was published Apr 29, 2022
Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an...
Moderate | Unreviewed | CVE-2003-1408 was published Apr 29, 2022
DotBr 0.1 stores config.inc with insufficient access control under the web document root, which...
High | Unreviewed | CVE-2003-1404 was published Apr 29, 2022
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information...
Moderate | Unreviewed | CVE-2003-1379 was published Apr 29, 2022
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a...
Low | Unreviewed | CVE-2003-1366 was published Apr 29, 2022
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication,...
Moderate | Unreviewed | CVE-2003-0904 was published Apr 29, 2022
VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a...
Moderate | Unreviewed | CVE-2003-0456 was published Apr 29, 2022
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes,...
Moderate | Unreviewed | CVE-2003-0001 was published Apr 29, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to an RFID leak. The RFID of the...
High | Unreviewed | CVE-2021-34589 was published Apr 28, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive...
Moderate | Unreviewed | CVE-2021-29776 was published Apr 28, 2022
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some scenarios may reveal authorized service tokens to other...
High | Unreviewed | CVE-2021-38919 was published Apr 28, 2022
A vulnerability in SonicOS SNMP service resulting exposure of sensitive information to an...
Moderate | Unreviewed | CVE-2022-22276 was published Apr 28, 2022
A vulnerability in SonicOS SNMP service resulting exposure of Wireless Access Point sensitive...
Moderate | Unreviewed | CVE-2022-22277 was published Apr 28, 2022
Exposure of SSH credentials in Rancher/Fleet
Low | GHSA-wm2r-rp98-8pmh was published for github.com/rancher/rancher (Go) Apr 27, 2022
The myCred WordPress plugin before 2.4.3.1 does not have any authorisation in place in its mycred...
Moderate | Unreviewed | CVE-2022-0287 was published Apr 26, 2022
JBoss AS may expose root content if excluded-contexts list is mismatched
High | CVE-2012-1094 was published for org.jboss.as:jboss-as-server (Maven) Apr 23, 2022
BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser...
Moderate | Unreviewed | CVE-2012-5828 was published Apr 23, 2022
The Simplenews module 6.x-1.x before 6.x-1.4, 6.x-2.x before 6.x-2.0-alpha4, and 7.x-1.x before 7...
Moderate | Unreviewed | CVE-2012-2724 was published Apr 23, 2022
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum...
Moderate | Unreviewed | CVE-2012-5476 was published Apr 23, 2022
An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation...
High | Unreviewed | CVE-2012-4420 was published Apr 23, 2022
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in...
Moderate | Unreviewed | CVE-2012-1105 was published Apr 23, 2022
gnome-system-log polkit policy allows arbitrary files on the system to be read
High | Unreviewed | CVE-2012-5535 was published Apr 23, 2022
W3 Total Cache before 0.9.2.5 generates hash keys insecurely which allows remote attackers to...
Moderate | Unreviewed | CVE-2012-6078 was published Apr 23, 2022