GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,780
Erlang: 36
GitHub Actions: 29
Go: 2,338
Maven: 5,000+
npm: 3,973
NuGet: 715
pip: 3,769
Pub: 12
RubyGems: 923
Rust: 976
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
108,583 advisories
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote...
High | Unreviewed | CVE-2003-0686 was published Apr 29, 2022

Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI...
High | Unreviewed | CVE-2003-0709 was published Apr 29, 2022

Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.
High | Unreviewed | CVE-2003-0954 was published Apr 29, 2022

Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft...
High | Unreviewed | CVE-2003-0604 was published Apr 29, 2022

Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute...
High | Unreviewed | CVE-2003-0510 was published Apr 29, 2022

Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows...
High | Unreviewed | CVE-2003-0498 was published Apr 29, 2022

Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows...
High | Unreviewed | CVE-2003-0497 was published May 24, 2022

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to...
High | Unreviewed | CVE-2003-0791 was published Apr 29, 2022

Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2)...
High | Unreviewed | CVE-2003-1067 was published Apr 29, 2022

BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users...
High | Unreviewed | CVE-2003-0640 was published Apr 29, 2022

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root...
High | Unreviewed | CVE-2003-1068 was published Apr 29, 2022

Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to...
High | Unreviewed | CVE-2002-1496 was published Apr 30, 2022

BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files...
High | Unreviewed | CVE-2002-1546 was published Apr 30, 2022

Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.
High | Unreviewed | CVE-2003-1074 was published Apr 29, 2022

The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user...
High | Unreviewed | CVE-2003-1078 was published Apr 29, 2022

scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs,...
High | Unreviewed | CVE-2002-1469 was published Apr 30, 2022

The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar...
High | Unreviewed | CVE-2002-1442 was published Apr 30, 2022

Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute...
High | Unreviewed | CVE-2002-1441 was published Apr 30, 2022

Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which...
High | Unreviewed | CVE-2002-0626 was published Apr 30, 2022

Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition,...
High | Unreviewed | CVE-2003-0109 was published Apr 29, 2022

Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2002-2227 was published Apr 30, 2022

Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2002-2226 was published Apr 30, 2022

Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote...
High | Unreviewed | CVE-2002-2207 was published Apr 30, 2022

Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows...
High | Unreviewed | CVE-2003-0016 was published Apr 29, 2022

The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass...
High | Unreviewed | CVE-2002-0627 was published Apr 30, 2022

ProTip! Advisories are also available from the GraphQL API.