GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
11,268 advisories
The DBI library (libdbi-perl) for Perl allows local users to overwrite arbitrary files via a...
Low | Unreviewed | CVE-2005-0077 was published May 1, 2022
zhcon before 0.2 does not drop privileges before reading a user configuration file, which allows...
Low | Unreviewed | CVE-2005-0072 was published May 1, 2022
The f2 shell script in the f2c package 3.1 allows local users to read arbitrary files via a...
Low | Unreviewed | CVE-2005-0018 was published May 1, 2022
gnome-pty-helper in GNOME libzvt2 and libvte4 allows local users to spoof the logon hostname via...
Low | Unreviewed | CVE-2005-0023 was published May 1, 2022
The f2c translator in the f2c package 3.1 allows local users to read arbitrary files via a...
Low | Unreviewed | CVE-2005-0017 was published May 1, 2022
The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not...
Low | Unreviewed | CVE-2005-0003 was published May 1, 2022
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp...
Low | Unreviewed | CVE-2002-2412 was published Apr 30, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers...
Low | Unreviewed | CVE-2002-2409 was published Apr 30, 2022
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution...
Low | Unreviewed | CVE-2002-2401 was published Apr 30, 2022
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2...
Low | Unreviewed | CVE-2002-2384 was published Apr 30, 2022
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files...
Low | Unreviewed | CVE-2002-2334 was published Apr 30, 2022
Lawson Financials 8.0, when configured to use a third party relational database, stores usernames...
Low | Unreviewed | CVE-2002-2301 was published Apr 30, 2022
Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes...
Low | Unreviewed | CVE-2002-2283 was published Apr 30, 2022
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when...
Low | Unreviewed | CVE-2002-2280 was published Apr 30, 2022
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users...
Low | Unreviewed | CVE-2002-2270 was published Apr 30, 2022
The experimental IP packet queuing feature in Netfilter / IPTables in Linux kernel 2.4 up to 2.4...
Low | Unreviewed | CVE-2002-2254 was published Apr 30, 2022
Fortres 101 4.1 allows local users to bypass Fortres by pressing the Windows and "F" key together...
Low | Unreviewed | CVE-2002-2275 was published Apr 30, 2022
akfingerd 0.5 allows local users to read arbitrary files as the akfingerd user (nobody) via a...
Low | Unreviewed | CVE-2002-2274 was published Apr 30, 2022
Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a ...
Low | Unreviewed | CVE-2002-2244 was published Apr 30, 2022
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted...
Low | Unreviewed | CVE-2002-2202 was published Apr 30, 2022
Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an...
Low | Unreviewed | CVE-2002-2172 was published Apr 30, 2022
BEA WebLogic Server and Express 6.1 through 7.0.0.1 buffers HTTP requests in a way that can cause...
Low | Unreviewed | CVE-2002-2177 was published Apr 30, 2022
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's...
Low | Unreviewed | CVE-2002-2165 was published Apr 30, 2022
Windows File Protection (WFP) in Windows 2000 and XP does not remove old security catalog .CAT...
Low | Unreviewed | CVE-2002-2132 was published Apr 30, 2022
Pointsec before 1.2 for PalmOS stores a user's PIN number in memory in plaintext, which allows a...
Low | Unreviewed | CVE-2002-2122 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API