Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,052 advisories

Loading
Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL... Moderate Unreviewed
CVE-2008-1938 was published May 1, 2022
The IAX2 channel driver (chan_iax2) in Asterisk Open Source 1.0.x, 1.2.x before 1.2.28, and 1.4.x... Moderate Unreviewed
CVE-2008-1897 was published May 1, 2022
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly... Moderate Unreviewed
CVE-2008-1883 was published May 1, 2022
ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2)... Moderate Unreviewed
CVE-2008-1528 was published May 1, 2022
Gallarific Free Edition 1.1 does not require authentication for (1) photos.php, (2) comments.php,... Moderate Unreviewed
CVE-2008-1469 was published May 1, 2022
Unspecified vulnerability in xscreensaver in Sun Solaris 10 Java Desktop System (JDS), when using... Moderate Unreviewed
CVE-2008-1356 was published May 1, 2022
The FxIAList service in ASG-Sentry Network Manager 7.0.0 and earlier does require authentication,... Moderate Unreviewed
CVE-2008-1321 was published May 1, 2022
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer... Moderate Unreviewed
CVE-2008-1238 was published May 1, 2022
Unspecified vulnerability in IBM WebSphere MQ 6.0.x before 6.0.2.2 and 5.3 before Fix Pack 14... Moderate Unreviewed
CVE-2008-1130 was published May 1, 2022
OMEGA (aka Omegasoft) INterneSErvicesLosungen (INSEL) 7 supports authentication with a cookie... Moderate Unreviewed
CVE-2008-1134 was published May 1, 2022
BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass... Moderate Unreviewed
CVE-2008-0895 was published May 1, 2022
ManageEngine Applications Manager 8.1 build 8100 does not check authentication for monitorType.do... Moderate Unreviewed
CVE-2008-0476 was published May 1, 2022
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07,... Moderate Unreviewed
CVE-2008-0466 was published May 1, 2022
HTTP File Server (HFS) before 2.2c allows remote attackers to obtain configuration and usage... Moderate Unreviewed
CVE-2008-0410 was published May 1, 2022
HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log... Moderate Unreviewed
CVE-2008-0408 was published May 1, 2022
HTTP File Server (HFS) before 2.2c tags HTTP request log entries with the username sent during... Moderate Unreviewed
CVE-2008-0407 was published May 1, 2022
The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does not require authentication... Moderate Unreviewed
CVE-2008-0403 was published May 1, 2022
admin/config.php in Evilsentinel 1.0.9 and earlier allows remote attackers to bypass the CAPTCHA... Moderate Unreviewed
CVE-2008-0351 was published May 1, 2022
Uebimiau Webmail 2.7.10 and 2.7.2 does not protect authentication state variables from being set... Moderate Unreviewed
CVE-2008-0210 was published May 1, 2022
Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6... Moderate Unreviewed
CVE-2008-0150 was published May 1, 2022
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such... Moderate Unreviewed
CVE-2007-6714 was published May 1, 2022
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x... Moderate Unreviewed
CVE-2007-6430 was published May 1, 2022
Flat PHP Board 1.2 and earlier allows remote attackers to bypass authentication and obtain... Moderate Unreviewed
CVE-2007-6398 was published May 1, 2022
Unspecified vulnerability in Hitachi JP1/File Transmission Server/FTP 01-00 through 08-10-01... Moderate Unreviewed
CVE-2007-6145 was published May 1, 2022
gnump3d 2.9final does not apply password protection to its plugins, which might allow remote... Moderate Unreviewed
CVE-2007-6130 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database