Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,277 advisories

Loading
Improper Authentication in moodle Moderate
CVE-2022-0985 was published for moodle/moodle (Composer) Apr 30, 2022
Windows NT Terminal Server performs extra work when a client opens a new connection but before it... Moderate Unreviewed
CVE-1999-0680 was published Apr 30, 2022
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1... Moderate Unreviewed
CVE-2001-1585 was published Apr 30, 2022
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users... Moderate Unreviewed
CVE-2002-0563 was published Apr 30, 2022
The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass... Moderate Unreviewed
CVE-2002-2427 was published Apr 30, 2022
relocate_server.php in Coppermine Photo Gallery (CPG) 1.4.2 and 1.4 beta is not removed after... Moderate Unreviewed
CVE-2005-3979 was published May 1, 2022
eZ publish 3.4.4 through 3.7 before 20050722 applies certain permissions on the node level, which... Moderate Unreviewed
CVE-2005-4851 was published May 1, 2022
SleeperChat 0.3f and earlier allows remote attackers to bypass authentication and create new... Moderate Unreviewed
CVE-2006-0416 was published May 1, 2022
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data... Moderate Unreviewed
CVE-2006-0633 was published May 1, 2022
Session fixation vulnerability in Drupal 4.5.x before 4.5.8 and 4.6.x before 4.5.8 allows remote... Moderate Unreviewed
CVE-2006-1228 was published May 1, 2022
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products... Moderate Unreviewed
CVE-2006-2113 was published May 1, 2022
Microsoft Windows 2000 SP4 does not properly validate an RPC server during mutual authentication... Moderate Unreviewed
CVE-2006-2380 was published May 1, 2022
Multiple unspecified vulnerabilities in the template files in Soumu Workflow for Groupmax 01-00... Moderate Unreviewed
CVE-2006-6705 was published May 1, 2022
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the... Moderate Unreviewed
CVE-2007-1228 was published May 1, 2022
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly... Moderate Unreviewed
CVE-2007-1859 was published May 1, 2022
Session fixation vulnerability in eXV2 CMS 2.0.4.3 and earlier allows remote attackers to hijack... Moderate Unreviewed
CVE-2007-1966 was published May 1, 2022
OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers... Moderate Unreviewed
CVE-2007-2243 was published May 1, 2022
Session fixation vulnerability in Simple Machines Forum (SMF) 1.1.2 and earlier allows remote... Moderate Unreviewed
CVE-2007-2546 was published May 1, 2022
Unspecified vulnerability in Default.aspx in Podium CMS allows remote attackers to have an... Moderate Unreviewed
CVE-2007-2555 was published May 1, 2022
Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication... Moderate Unreviewed
CVE-2007-3177 was published May 1, 2022
Mail in Apple iPhone 1.1.1, when using SSL, does not warn the user when the mail server changes... Moderate Unreviewed
CVE-2007-3754 was published May 1, 2022
Session fixation vulnerability in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier... Moderate Unreviewed
CVE-2007-3988 was published May 1, 2022
file.cgi in Secure Computing SecurityReporter (aka Network Security Analyzer) before 4.6.3 allows... Moderate Unreviewed
CVE-2007-4043 was published May 1, 2022
Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web... Moderate Unreviewed
CVE-2007-4438 was published May 1, 2022
Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an... Moderate Unreviewed
CVE-2007-4632 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database