GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,309
Composer 4,359
Erlang 33
GitHub Actions 22
Go 2,126
Maven 5,307
npm 3,787
NuGet 683
pip 3,467
Pub 12
RubyGems 894
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,676

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,052 advisories

Filter by severity

Sort by

Least recently updated

Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication... Moderate Unreviewed

CVE-2006-2380 was published May 1, 2022

The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products... Moderate Unreviewed

CVE-2006-2113 was published May 1, 2022

Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote... Moderate Unreviewed

CVE-2006-1228 was published May 1, 2022

The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data... Moderate Unreviewed

CVE-2006-0633 was published May 1, 2022

SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new... Moderate Unreviewed

CVE-2006-0416 was published May 1, 2022

eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which... Moderate Unreviewed

CVE-2005-4851 was published May 1, 2022

relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after... Moderate Unreviewed

CVE-2005-3979 was published May 1, 2022

The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass... Moderate Unreviewed

CVE-2002-2427 was published Apr 30, 2022

The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users... Moderate Unreviewed

CVE-2002-0563 was published Apr 30, 2022

SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1... Moderate Unreviewed

CVE-2001-1585 was published Apr 30, 2022

Windows NT Terminal Server performs extra work when a client opens a new connection but before it... Moderate Unreviewed

CVE-1999-0680 was published Apr 30, 2022

Polar HelpDesk 3.0 allows remote attackers to bypass authentication by setting the UserId and... Moderate Unreviewed

CVE-2004-2736 was published Apr 29, 2022

upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the... Moderate Unreviewed

CVE-2003-1489 was published Apr 29, 2022

Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only... Moderate Unreviewed

CVE-2003-1475 was published Apr 29, 2022

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows... Moderate Unreviewed

CVE-2003-1433 was published Apr 29, 2022

login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1)... Moderate Unreviewed

CVE-2003-1434 was published Apr 29, 2022

A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete... Moderate Unreviewed

CVE-2020-14121 was published Apr 22, 2022

stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it... Moderate Unreviewed

CVE-2010-2496 was published Apr 21, 2022

** UNSUPPORTED WHEN ASSIGNED ** A post-authentication arbitrary file read vulnerability impacting... Moderate Unreviewed

CVE-2022-22279 was published Apr 14, 2022

Navigating to a specific URL with a patient ID number will result in the server generating a PDF... Moderate Unreviewed

CVE-2022-1067 was published Apr 12, 2022

Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed

CVE-2022-25832 was published Apr 12, 2022

Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that... Moderate Unreviewed

CVE-2022-26091 was published Apr 12, 2022

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical... Moderate Unreviewed

CVE-2022-25831 was published Apr 12, 2022

Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1... Moderate Unreviewed

CVE-2022-27839 was published Apr 12, 2022

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11... Moderate Unreviewed

CVE-2022-1148 was published Apr 5, 2022

Previous 1 2 … 39 40 41 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,052 advisories