GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,936 advisories
Filter by severity
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges,...
Low
Unreviewed
CVE-2003-0246
was published
Apr 29, 2022
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers...
Low
Unreviewed
CVE-2003-0207
was published
Apr 29, 2022
msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2003-0193
was published
Apr 29, 2022
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link...
Low
Unreviewed
CVE-2003-0136
was published
Apr 29, 2022
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite...
Low
Unreviewed
CVE-2003-0120
was published
Apr 29, 2022
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows...
Low
Unreviewed
CVE-2003-0079
was published
Apr 29, 2022
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier...
Low
Unreviewed
CVE-2003-0071
was published
Apr 29, 2022
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which...
Low
Unreviewed
CVE-2003-0018
was published
Apr 29, 2022
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x...
Low
Unreviewed
CVE-2003-0012
was published
Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 HTML injection into IDE messages was possible
Low
Unreviewed
CVE-2022-29816
was published
Apr 29, 2022
In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode...
Low
Unreviewed
CVE-2022-29812
was published
Apr 29, 2022
In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was...
Low
Unreviewed
CVE-2022-29820
was published
Apr 29, 2022
An insecure data storage vulnerability allows a physical attacker with root privileges to...
Low
Unreviewed
CVE-2021-25266
was published
Apr 28, 2022
IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by...
Low
Unreviewed
CVE-2012-3341
was published
Apr 23, 2022
systemd 37-1 does not properly handle non-existent services, which causes a denial of service ...
Low
Unreviewed
CVE-2012-1101
was published
Apr 23, 2022
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.
Low
Unreviewed
CVE-2012-0844
was published
Apr 23, 2022
A cross-site scripting (XSS) vulnerability in Wolf CMS 0.75 and earlier allows remote attackers...
Low
Unreviewed
CVE-2012-1932
was published
Apr 23, 2022
Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8...
Low
Unreviewed
CVE-2012-1500
was published
Apr 23, 2022
XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess...
Low
Unreviewed
CVE-2012-1903
was published
Apr 23, 2022
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information
Low
Unreviewed
CVE-2012-1994
was published
Apr 23, 2022
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS...
Low
Unreviewed
CVE-2012-6449
was published
Apr 23, 2022
An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential...
Low
Unreviewed
CVE-2012-6340
was published
Apr 23, 2022
Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in main/auth/profile.php.
Low
Unreviewed
CVE-2012-5776
was published
Apr 23, 2022
The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via...
Low
Unreviewed
CVE-2012-6114
was published
Apr 23, 2022
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the...
Low
Unreviewed
CVE-2012-4767
was published
Apr 23, 2022
ProTip!
Advisories are also available from the
GraphQL API