GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,046 advisories
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.
Low
Unreviewed
CVE-2012-0844
was published
Apr 23, 2022
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers...
Low
Unreviewed
CVE-2012-1932
was published
Apr 23, 2022
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8...
Low
Unreviewed
CVE-2012-1500
was published
Apr 23, 2022
XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess...
Low
Unreviewed
CVE-2012-1903
was published
Apr 23, 2022
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information
Low
Unreviewed
CVE-2012-1994
was published
Apr 23, 2022
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have an XSS...
Low
Unreviewed
CVE-2012-6449
was published
Apr 23, 2022
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential...
Low
Unreviewed
CVE-2012-6340
was published
Apr 23, 2022
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Low
Unreviewed
CVE-2012-5776
was published
Apr 23, 2022
The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via...
Low
Unreviewed
CVE-2012-6114
was published
Apr 23, 2022
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the...
Low
Unreviewed
CVE-2012-4767
was published
Apr 23, 2022
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1...
Low
Unreviewed
CVE-2012-5558
was published
Apr 23, 2022
An issue exists in the property replacements feature in any descriptor in JBoss AS 7.1.1 ignores...
Low
Unreviewed
CVE-2012-2148
was published
Apr 23, 2022
rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite
Low
Unreviewed
CVE-2012-5562
was published
Apr 23, 2022
An issue exists in AccountService 0.6.37 in the user_change_password_authorized_cb() function in...
Low
Unreviewed
CVE-2012-6655
was published
Apr 23, 2022
surf: cookie jar has read access from other local user
Low
Unreviewed
CVE-2012-0842
was published
Apr 23, 2022
uzbl: Information disclosure via world-readable cookies storage file
Low
Unreviewed
CVE-2012-0843
was published
Apr 23, 2022
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which...
Low
Unreviewed
CVE-2002-2000
was published
Apr 23, 2022
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke...
Low
Unreviewed
CVE-2011-4915
was published
Apr 22, 2022
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain...
Low
Unreviewed
CVE-2011-2343
was published
Apr 22, 2022
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php...
Low
Unreviewed
CVE-2011-3595
was published
Apr 22, 2022
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow...
Low
Unreviewed
CVE-2011-3585
was published
Apr 22, 2022
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the ...
Low
Unreviewed
CVE-2011-3352
was published
Apr 22, 2022
A memory leak in rsyslog before 5.7.6 was found in the way daemon processed log messages are...
Low
Unreviewed
CVE-2011-1488
was published
Apr 22, 2022
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4...
Low
Unreviewed
CVE-2011-4629
was published
Apr 22, 2022
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server...
Low
Unreviewed
CVE-2010-3282
was published
Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API.