GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,047 advisories
Unspecified vulnerability in the Windows client API in Novell GroupWise 7 before SP3 and 6.5...
Low | Unreviewed | CVE-2008-1330 was published May 1, 2022

WebCore, as used in Apple Safari before 3.1, does not properly mask the password field when...
Low | Unreviewed | CVE-2008-1005 was published May 1, 2022

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which...
Low | Unreviewed | CVE-2008-0994 was published May 1, 2022

The Printing component in Apple Mac OS X 10.5.2 might save authentication credentials to disk...
Low | Unreviewed | CVE-2008-0996 was published May 1, 2022

The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF...
Low | Unreviewed | CVE-2008-0995 was published May 1, 2022

Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in...
Low | Unreviewed | CVE-2008-0993 was published May 1, 2022

Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended...
Low | Unreviewed | CVE-2007-6744 was published May 1, 2022

The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password...
Low | Unreviewed | CVE-2007-6418 was published May 1, 2022

etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for...
Low | Unreviewed | CVE-2007-6249 was published May 1, 2022

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and...
Low | Unreviewed | CVE-2007-6206 was published May 1, 2022

The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled,...
Low | Unreviewed | CVE-2007-6190 was published May 1, 2022

The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through...
Low | Unreviewed | CVE-2007-6150 was published May 1, 2022

Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7...
Low | Unreviewed | CVE-2007-5701 was published May 1, 2022

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command...
Low | Unreviewed | CVE-2007-5549 was published May 1, 2022

Microsoft Expression Media stores the catalog password in cleartext in the catalog IVC file,...
Low | Unreviewed | CVE-2007-5470 was published May 1, 2022

backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username,...
Low | Unreviewed | CVE-2007-4656 was published May 1, 2022

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map...
Low | Unreviewed | CVE-2007-3850 was published May 1, 2022

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT)...
Low | Unreviewed | CVE-2007-1194 was published May 1, 2022

The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key...
Low | Unreviewed | CVE-2006-6953 was published May 1, 2022

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under...
Low | Unreviewed | CVE-2006-5229 was published May 1, 2022

V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter...
Low | Unreviewed | CVE-2006-3365 was published May 1, 2022

NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under...
Low | Unreviewed | CVE-2006-1439 was published May 1, 2022

** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive...
Low | Unreviewed | CVE-2006-0369 was published May 1, 2022

unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,...
Low | Unreviewed | CVE-2006-0353 was published May 1, 2022

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low | Unreviewed | CVE-2005-4868 was published May 1, 2022