Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

10,532 advisories

An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the... Low Unreviewed
CVE-2012-4767 was published Apr 23, 2022
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1... Low Unreviewed
CVE-2012-5558 was published Apr 23, 2022
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores... Low Unreviewed
CVE-2012-2148 was published Apr 23, 2022
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite Low Unreviewed
CVE-2012-5562 was published Apr 23, 2022
An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in... Low Unreviewed
CVE-2012-6655 was published Apr 23, 2022
surf: cookie jar has read access from other local user Low Unreviewed
CVE-2012-0842 was published Apr 23, 2022
uzbl: Information disclosure via world-readable cookies storage file Low Unreviewed
CVE-2012-0843 was published Apr 23, 2022
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which... Low Unreviewed
CVE-2002-2000 was published Apr 23, 2022
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke... Low Unreviewed
CVE-2011-4915 was published Apr 22, 2022
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain... Low Unreviewed
CVE-2011-2343 was published Apr 22, 2022
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php... Low Unreviewed
CVE-2011-3595 was published Apr 22, 2022
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow... Low Unreviewed
CVE-2011-3585 was published Apr 22, 2022
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ... Low Unreviewed
CVE-2011-3352 was published Apr 22, 2022
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are... Low Unreviewed
CVE-2011-1488 was published Apr 22, 2022
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4... Low Unreviewed
CVE-2011-4629 was published Apr 22, 2022
Openstack nova qcow format could expose host filesystem information Low
CVE-2011-3147 was published for nova (pip) Apr 22, 2022
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server... Low Unreviewed
CVE-2010-3282 was published Apr 21, 2022
babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and... Low Unreviewed
CVE-2010-3440 was published Apr 21, 2022
mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink... Low Unreviewed
CVE-2010-3095 was published Apr 21, 2022
The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them... Low Unreviewed
CVE-2010-3292 was published Apr 21, 2022
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain... Low Unreviewed
CVE-2010-2473 was published Apr 21, 2022
Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version... Low Unreviewed
CVE-2010-2472 was published Apr 21, 2022
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of... Low Unreviewed
CVE-2010-4178 was published Apr 21, 2022
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client... Low Unreviewed
CVE-2009-3552 was published Apr 21, 2022
liboping 1.3.2 allows users reading arbitrary files upon the local system. Low Unreviewed
CVE-2009-3614 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API