Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

363 advisories

Loading
PHP 5.2.5 and earlier allows context-dependent attackers to cause a denial of service ... Low Unreviewed
CVE-2007-6039 was published May 1, 2022
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5... Low Unreviewed
CVE-2007-5438 was published May 1, 2022
Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain... Low Unreviewed
CVE-2007-5086 was published May 1, 2022
axis-cgi/buffer/command.cgi on the AXIS 207W camera allows remote authenticated users to cause a... Low Unreviewed
CVE-2007-4927 was published May 1, 2022
Algorithmic complexity vulnerability in the MCS translation daemon in mcstrans 0.2.3 allows local... Low Unreviewed
CVE-2007-4570 was published May 1, 2022
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before... Low Unreviewed
CVE-2007-3381 was published May 1, 2022
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2... Low Unreviewed
CVE-2007-2509 was published May 1, 2022
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and... Low Unreviewed
CVE-2007-1476 was published May 1, 2022
The Sony Ericsson K700i and W810i phones allow remote attackers to cause a denial of service ... Low Unreviewed
CVE-2007-0521 was published May 1, 2022
The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs... Low Unreviewed
CVE-2007-0523 was published May 1, 2022
The Motorola MOTORAZR V3 phone allows remote attackers to cause a denial of service (continual... Low Unreviewed
CVE-2007-0522 was published May 1, 2022
The LG Chocolate KG800 phone allows remote attackers to cause a denial of service (continual... Low Unreviewed
CVE-2007-0524 was published May 1, 2022
Kmail 1.9.1 on KDE 3.5.2, with "Prefer HTML to Plain Text" enabled, allows remote attackers to... Low Unreviewed
CVE-2006-7139 was published May 1, 2022
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12... Low Unreviewed
CVE-2006-5793 was published May 1, 2022
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user... Low Unreviewed
CVE-2006-4842 was published May 1, 2022
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI... Low Unreviewed
CVE-2006-2920 was published May 1, 2022
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to conduct phishing attacks by... Low Unreviewed
CVE-2006-1192 was published May 1, 2022
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service (kernel OOPS)... Low Unreviewed
CVE-2005-3055 was published May 1, 2022
Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service... Low Unreviewed
CVE-2005-1761 was published May 1, 2022
** DISPUTED ** JavaMail API, as used by Solstice Internet Mail Server POP3 2.0, does not... Low Unreviewed
CVE-2005-1682 was published May 1, 2022
Remote Desktop in Windows XP SP1 does not verify the "Force shutdown from a remote system"... Low Unreviewed
CVE-2005-0904 was published May 1, 2022
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service ... Low Unreviewed
CVE-2005-0492 was published May 1, 2022
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows... Low Unreviewed
CVE-2003-1463 was published Apr 29, 2022
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on... Low Unreviewed
CVE-2003-0367 was published Apr 29, 2022
Data Amplification in Play Framework Low
CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database