Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,047 advisories

Loading
Apache Tomcat AJP Connector Information Leak Low
CVE-2005-3164 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with... Low Unreviewed
CVE-2005-3088 was published May 1, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory... Low Unreviewed
CVE-2005-2752 was published May 1, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers... Low Unreviewed
CVE-2002-2409 was published Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP... Low Unreviewed
CVE-2002-0422 was published Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "... Low Unreviewed
CVE-2001-1387 was published Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0... Low Unreviewed
CVE-2000-0649 was published Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain... Low Unreviewed
CVE-2000-0368 was published Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the... Low Unreviewed
CVE-2000-0132 was published Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. Low Unreviewed
CVE-1999-0524 was published Apr 30, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot... Low Unreviewed
CVE-1999-0372 was published Apr 30, 2022
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a... Low Unreviewed
CVE-2003-1366 was published Apr 29, 2022
Exposure of SSH credentials in Rancher/Fleet Low
GHSA-wm2r-rp98-8pmh was published for github.com/rancher/rancher (Go) Apr 27, 2022
Openstack nova qcow format could expose host filesystem information Low
CVE-2011-3147 was published for nova (pip) Apr 22, 2022
Discoverability of user password hash in Statamic CMS Low
CVE-2022-24784 was published for statamic/cms (Composer) Mar 29, 2022
Twig Sandbox Information Disclosure Low
CVE-2019-9942 was published for twig/twig (Composer) Mar 26, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed
CVE-2022-25827 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed
CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows... Low Unreviewed
CVE-2022-25826 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows... Low Unreviewed
CVE-2022-25828 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed
CVE-2022-25823 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751... Low Unreviewed
CVE-2022-25830 was published Mar 11, 2022
Forwarding of confidentials headers to third parties in fluture-node Low
CVE-2022-24719 was published for fluture-node (npm) Mar 1, 2022
Full list of recipients from customer users in a contact field could be disclosed in notification... Low Unreviewed
CVE-2022-0474 was published Feb 8, 2022
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-0983 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database