GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,270
Erlang: 31
GitHub Actions: 21
Go: 2,045
Maven: 5,000+
npm: 3,737
NuGet: 663
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,048 advisories
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which...
Low | Unreviewed | CVE-2004-0233 was published Apr 29, 2022

The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red...
Low | Unreviewed | CVE-2004-0217 was published Apr 29, 2022

"Shatter" style vulnerability in the Window Management application programming interface (API)...
Low | Unreviewed | CVE-2004-0207 was published Apr 29, 2022

The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures...
Low | Unreviewed | CVE-2004-0211 was published Apr 29, 2022

The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is...
Low | Unreviewed | CVE-2004-0181 was published Apr 29, 2022

The DCOM RPC interface for Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote...
Low | Unreviewed | CVE-2004-0124 was published Apr 29, 2022

The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying...
Low | Unreviewed | CVE-2004-0075 was published Apr 29, 2022

The System Configuration subsystem in Mac OS 10.2.8 and 10.3.2 allows local users to modify...
Low | Unreviewed | CVE-2004-0087 was published Apr 29, 2022

The System Configuration subsystem in Mac OS 10.2.8 allows local users to modify network settings...
Low | Unreviewed | CVE-2004-0088 was published Apr 29, 2022

The SuSEconfig.gnome-filesystem script for YaST in SuSE 9.0 allows local users to overwrite...
Low | Unreviewed | CVE-2004-0064 was published Apr 29, 2022

Antivir / Linux 2.0.9-9, and possibly earlier versions, allows local users to overwrite arbitrary...
Low | Unreviewed | CVE-2004-0058 was published Apr 29, 2022

Sun Cluster 2.2, when HA-Oracle or HA-Sybase DBMS services are used, stores database credentials...
Low | Unreviewed | CVE-2003-1588 was published Apr 29, 2022

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows...
Low | Unreviewed | CVE-2003-1581 was published Apr 29, 2022

Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP...
Low | Unreviewed | CVE-2003-1582 was published Apr 29, 2022

Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is...
Low | Unreviewed | CVE-2003-1577 was published Apr 29, 2022

The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1...
Low | Unreviewed | CVE-2003-1570 was published Apr 29, 2022

Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows...
Low | Unreviewed | CVE-2003-1463 was published Apr 29, 2022

Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local...
Low | Unreviewed | CVE-2003-1476 was published Apr 29, 2022

Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world...
Low | Unreviewed | CVE-2003-1460 was published Apr 29, 2022

IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64...
Low | Unreviewed | CVE-2003-1447 was published Apr 29, 2022

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to...
Low | Unreviewed | CVE-2003-1452 was published Apr 29, 2022

BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a...
Low | Unreviewed | CVE-2003-1437 was published Apr 29, 2022

Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME...
Low | Unreviewed | CVE-2003-1426 was published Apr 29, 2022

eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error...
Low | Unreviewed | CVE-2003-1399 was published Apr 29, 2022

chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a...
Low | Unreviewed | CVE-2003-1366 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API.