Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,532 advisories

msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary... Low Unreviewed
CVE-2003-0193 was published Apr 29, 2022
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link... Low Unreviewed
CVE-2003-0136 was published Apr 29, 2022
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite... Low Unreviewed
CVE-2003-0120 was published Apr 29, 2022
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows... Low Unreviewed
CVE-2003-0079 was published Apr 29, 2022
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier... Low Unreviewed
CVE-2003-0071 was published Apr 29, 2022
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which... Low Unreviewed
CVE-2003-0018 was published Apr 29, 2022
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x... Low Unreviewed
CVE-2003-0012 was published Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible Low Unreviewed
CVE-2022-29816 was published Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode... Low Unreviewed
CVE-2022-29812 was published Apr 29, 2022
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was... Low Unreviewed
CVE-2022-29820 was published Apr 29, 2022
Keycloak is vulnerable to IDN homograph attack Low
GHSA-mwm4-5qwr-g9pf was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
klausenbusk kurt-r2c
OIDC Logout redirect in keycloak Low
CVE-2020-10734 was published for org.keycloak:keycloak-oidc-client-adapter-pom (Maven) Apr 28, 2022
sonOfRa
An insecure data storage vulnerability allows a physical attacker with root privileges to... Low Unreviewed
CVE-2021-25266 was published Apr 28, 2022
Exposure of SSH credentials in Rancher/Fleet Low
GHSA-wm2r-rp98-8pmh was published for github.com/rancher/rancher (Go) Apr 27, 2022
IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by... Low Unreviewed
CVE-2012-3341 was published Apr 23, 2022
systemd 37-1 does not properly handle non-existent services, which causes a denial of service ... Low Unreviewed
CVE-2012-1101 was published Apr 23, 2022
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar. Low Unreviewed
CVE-2012-0844 was published Apr 23, 2022
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers... Low Unreviewed
CVE-2012-1932 was published Apr 23, 2022
XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess... Low Unreviewed
CVE-2012-1903 was published Apr 23, 2022
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8... Low Unreviewed
CVE-2012-1500 was published Apr 23, 2022
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information Low Unreviewed
CVE-2012-1994 was published Apr 23, 2022
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS... Low Unreviewed
CVE-2012-6449 was published Apr 23, 2022
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential... Low Unreviewed
CVE-2012-6340 was published Apr 23, 2022
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php. Low Unreviewed
CVE-2012-5776 was published Apr 23, 2022
The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via... Low Unreviewed
CVE-2012-6114 was published Apr 23, 2022
ProTip! Advisories are also available from the GraphQL API