Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

882 advisories

Loading
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local... Low Unreviewed
CVE-2021-25519 was published Dec 9, 2021
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to... Low Unreviewed
CVE-2021-0983 was published Dec 16, 2021
Full list of recipients from customer users in a contact field could be disclosed in notification... Low Unreviewed
CVE-2022-0474 was published Feb 8, 2022
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751... Low Unreviewed
CVE-2022-25830 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows... Low Unreviewed
CVE-2022-25828 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows... Low Unreviewed
CVE-2022-25826 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741... Low Unreviewed
CVE-2022-25823 was published Mar 11, 2022
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751... Low Unreviewed
CVE-2022-25829 was published Mar 11, 2022
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows... Low Unreviewed
CVE-2022-25827 was published Mar 11, 2022
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a... Low Unreviewed
CVE-2003-1366 was published Apr 29, 2022
The installer for BackOffice Server includes account names and passwords in a setup file (reboot... Low Unreviewed
CVE-1999-0372 was published Apr 30, 2022
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. Low Unreviewed
CVE-1999-0524 was published Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the... Low Unreviewed
CVE-2000-0132 was published Apr 30, 2022
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain... Low Unreviewed
CVE-2000-0368 was published Apr 30, 2022
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0... Low Unreviewed
CVE-2000-0649 was published Apr 30, 2022
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "... Low Unreviewed
CVE-2001-1387 was published Apr 30, 2022
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP... Low Unreviewed
CVE-2002-0422 was published Apr 30, 2022
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers... Low Unreviewed
CVE-2002-2409 was published Apr 30, 2022
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory... Low Unreviewed
CVE-2005-2752 was published May 1, 2022
fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with... Low Unreviewed
CVE-2005-3088 was published May 1, 2022
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for... Low Unreviewed
CVE-2005-4868 was published May 1, 2022
** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive... Low Unreviewed
CVE-2006-0369 was published May 1, 2022
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,... Low Unreviewed
CVE-2006-0353 was published May 1, 2022
NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under... Low Unreviewed
CVE-2006-1439 was published May 1, 2022
V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter... Low Unreviewed
CVE-2006-3365 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database