Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,609 advisories

Loading
The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users... Low Unreviewed
CVE-2000-0210 was published Apr 30, 2022
Linux printtool sets the permissions of printer configuration files to be world-readable, which... Low Unreviewed
CVE-2000-0184 was published Apr 30, 2022
IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a... Low Unreviewed
CVE-2000-0167 was published Apr 30, 2022
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink... Low Unreviewed
CVE-2000-0154 was published Apr 30, 2022
Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to... Low Unreviewed
CVE-2000-0129 was published Apr 30, 2022
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a... Low Unreviewed
CVE-2000-0139 was published Apr 30, 2022
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files... Low Unreviewed
CVE-2000-0121 was published Apr 30, 2022
Microsoft Java Virtual Machine allows remote attackers to read files via the... Low Unreviewed
CVE-2000-0132 was published Apr 30, 2022
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end,... Low Unreviewed
CVE-2000-0124 was published Apr 30, 2022
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive... Low Unreviewed
CVE-2000-0089 was published Apr 30, 2022
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. Low Unreviewed
CVE-2000-0090 was published Apr 30, 2022
AIX techlibss allows local users to overwrite files via a symlink attack. Low Unreviewed
CVE-2000-0080 was published Apr 30, 2022
The recover program in Solstice Backup allows local users to restore sensitive files. Low Unreviewed
CVE-2000-0069 was published Apr 30, 2022
CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. Low Unreviewed
CVE-2000-0067 was published Apr 30, 2022
nviboot boot script in the Debian nvi package allows local users to delete files via malformed... Low Unreviewed
CVE-2000-0076 was published Apr 30, 2022
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy... Low Unreviewed
CVE-2000-0028 was published Apr 30, 2022
IMail POP3 daemon uses weak encryption, which allows local users to read files. Low Unreviewed
CVE-2000-0019 was published Apr 30, 2022
FTPPro allows local users to read sensitive information, which is stored in plain text. Low Unreviewed
CVE-2000-0008 was published Apr 30, 2022
strace allows local users to read arbitrary files via memory mapped file names. Low Unreviewed
CVE-2000-0006 was published Apr 30, 2022
/usr/ucb/ps in Sun Microsystems Solaris 8 and 9, and certain earlier releases, allows local users... Low Unreviewed
CVE-1999-1587 was published Apr 30, 2022
Directory traversal vulnerability in Muhammad A. Muquit wwwcount (Count.cgi) 2.3 allows remote... Low Unreviewed
CVE-1999-1590 was published Apr 30, 2022
cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask... Low Unreviewed
CVE-1999-1572 was published Apr 30, 2022
FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic)... Low Unreviewed
CVE-1999-1564 was published Apr 30, 2022
Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE,... Low Unreviewed
CVE-1999-1545 was published Apr 30, 2022
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of... Low Unreviewed
CVE-1999-1554 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database