Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

10,758 advisories

Loading
Hastymail 1.5 and earlier before 20061008 allows remote authenticated users to send arbitrary... Moderate Unreviewed
CVE-2006-5313 was published May 1, 2022
Unspecified vulnerability in Microsoft Dynamics GP (formerly Great Plains) 9.0 and earlier allows... Moderate Unreviewed
CVE-2006-5265 was published May 1, 2022
Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and... High Unreviewed
CVE-2006-5084 was published May 1, 2022
Moodle does not properly validate module instance id Moderate
CVE-2006-4936 was published for moodle/moodle (Composer) May 1, 2022
The Database module in Moodle before 1.6.2 does not properly handle uploaded files, which has... High Unreviewed
CVE-2006-4935 was published May 1, 2022
The Netscape Portable Runtime (NSPR) API 4.6.1 and 4.6.2, as used in Sun Solaris 10, trusts user... Low Unreviewed
CVE-2006-4842 was published May 1, 2022
RapDrv.sys in BlackICE PC Protection 3.6.cpn, cpj, cpiE, and possibly 3.6 and earlier, allows... Moderate Unreviewed
CVE-2006-4541 was published May 1, 2022
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input,... Moderate Unreviewed
CVE-2006-4468 was published May 1, 2022
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric... Moderate Unreviewed
CVE-2006-4466 was published May 1, 2022
Mozilla Firefox 1.5.0.6 allows remote attackers to cause a denial of service (crash) via a... Moderate Unreviewed
CVE-2006-4310 was published May 1, 2022
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash)... Moderate Unreviewed
CVE-2006-4301 was published May 1, 2022
MySQL before 5.0.25 and 5.1 before 5.1.12 evaluates arguments of suid routines in the security... Moderate Unreviewed
CVE-2006-4227 was published May 1, 2022
The server driver (srv.sys) in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote... High Unreviewed
CVE-2006-3942 was published May 1, 2022
OSSP shiela 1.1.5 and earlier allows remote authenticated users to execute arbitrary commands on... Moderate Unreviewed
CVE-2006-3633 was published May 1, 2022
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the... High Unreviewed
CVE-2006-3450 was published May 1, 2022
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports... High Unreviewed
CVE-2006-3451 was published May 1, 2022
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate... High Unreviewed
CVE-2006-3423 was published May 1, 2022
Microsoft Internet Explorer 6.0 does not properly handle Drag and Drop events, which allows... Moderate Unreviewed
CVE-2006-3281 was published May 1, 2022
Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users... Moderate Unreviewed
CVE-2006-3014 was published May 1, 2022
Sylpheed-Claws before 2.2.2 and Sylpheed before 2.2.6 allow remote attackers to bypass the URI... Low Unreviewed
CVE-2006-2920 was published May 1, 2022
Mozilla Firefox 1.5.0.4, 2.0.x before 2.0.0.8, Mozilla Suite 1.7.13, Mozilla SeaMonkey 1.0.2 and... Moderate Unreviewed
CVE-2006-2894 was published May 1, 2022
Firefox 1.5.0.2 does not fix all test cases associated with CVE-2006-1729, which allows remote... Moderate Unreviewed
CVE-2006-2782 was published May 1, 2022
Improper Input Validation in Mortbay Jetty Moderate
CVE-2006-2759 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
phpBB 2.0.20 does not verify user-specified input variable types before being passed to type... Moderate Unreviewed
CVE-2006-2219 was published May 1, 2022
phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL... Moderate Unreviewed
CVE-2006-2220 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database