GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
889 advisories

Preview in Apple Mac OS X 10.5.2 uses 40-bit RC4 when saving a PDF file with encryption, which...
Low | Unreviewed | CVE-2008-0994 was published May 1, 2022

The Printing component in Apple Mac OS X 10.5.2 uses 40-bit RC4 when printing to an encrypted PDF...
Low | Unreviewed | CVE-2008-0995 was published May 1, 2022

Podcast Capture in Podcast Producer for Apple Mac OS X 10.5.2 invokes a subtask with passwords in...
Low | Unreviewed | CVE-2008-0993 was published May 1, 2022

Flexera Macrovision InstallShield before 2008 sends a digital-signature password to an unintended...
Low | Unreviewed | CVE-2007-6744 was published May 1, 2022

The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password...
Low | Unreviewed | CVE-2007-6418 was published May 1, 2022

etc-update in Portage before 2.1.3.11 on Gentoo Linux relies on the umask to set permissions for...
Low | Unreviewed | CVE-2007-6249 was published May 1, 2022

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and...
Low | Unreviewed | CVE-2007-6206 was published May 1, 2022

The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled,...
Low | Unreviewed | CVE-2007-6190 was published May 1, 2022

The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through...
Low | Unreviewed | CVE-2007-6150 was published May 1, 2022

Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command...
Low | Unreviewed | CVE-2007-5549 was published May 1, 2022

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map...
Low | Unreviewed | CVE-2007-3850 was published May 1, 2022

Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT)...
Low | Unreviewed | CVE-2007-1194 was published May 1, 2022

The virtual keyboard implementation in GlobeTrotter Mobility Manager changes the color of a key...
Low | Unreviewed | CVE-2006-6953 was published May 1, 2022

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under...
Low | Unreviewed | CVE-2006-5229 was published May 1, 2022

V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter...
Low | Unreviewed | CVE-2006-3365 was published May 1, 2022

NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under...
Low | Unreviewed | CVE-2006-1439 was published May 1, 2022

unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,...
Low | Unreviewed | CVE-2006-0353 was published May 1, 2022

** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive...
Low | Unreviewed | CVE-2006-0369 was published May 1, 2022

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low | Unreviewed | CVE-2005-4868 was published May 1, 2022

fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with...
Low | Unreviewed | CVE-2005-3088 was published May 1, 2022

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory...
Low | Unreviewed | CVE-2005-2752 was published May 1, 2022

Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers...
Low | Unreviewed | CVE-2002-2409 was published Apr 30, 2022

IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP...
Low | Unreviewed | CVE-2002-0422 was published Apr 30, 2022

iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "...
Low | Unreviewed | CVE-2001-1387 was published Apr 30, 2022

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0...
Low | Unreviewed | CVE-2000-0649 was published Apr 30, 2022