GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
1,483 advisories
The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in...
High, Unreviewed. CVE-2008-1949 was published May 1, 2022.

The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string...
High, Unreviewed. CVE-2008-1930 was published May 1, 2022.

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) ...
High, Unreviewed. CVE-2008-0555 was published May 1, 2022.

cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or...
High, Unreviewed. CVE-2008-1334 was published May 1, 2022.

cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus Wi-Fi router does not verify...
High, Unreviewed. CVE-2008-1269 was published May 1, 2022.

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not...
High, Unreviewed. CVE-2008-1262 was published May 1, 2022.

The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains authentication state by IP...
High, Unreviewed. CVE-2008-1259 was published May 1, 2022.

Gallarific does not require authentication for (1) users.php and (2) index.php, which allows...
High, Unreviewed. CVE-2008-1327 was published May 1, 2022.

The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication...
High, Unreviewed. CVE-2008-1268 was published May 1, 2022.

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers...
High, Unreviewed. CVE-2008-1264 was published May 1, 2022.

cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require...
High, Unreviewed. CVE-2008-1244 was published May 1, 2022.

The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4...
High, Unreviewed. CVE-2007-6601 was published May 1, 2022.

The Vonage Motorola Phone Adapter VT 2142-VD does not properly verify that a SIP INVITE message...
High, Unreviewed. CVE-2007-5791 was published May 1, 2022.

The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows...
High, Unreviewed. CVE-2007-5383 was published May 1, 2022.

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper...
High, Unreviewed. CVE-2025-30287 was published Apr 8, 2025.

The Forgotten Password functionality of Rocket TRUfusion Portal v7.9.2.1 allows remote attackers...
High, Unreviewed. CVE-2022-25027 was published Jan 13, 2023.

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request...
High, Unreviewed. CVE-2022-45922 was published Jan 18, 2023.

SQL-Ledger 2.4.4 through 2.6.17 authenticates users by verifying that the value of the sql-ledger...
High, Unreviewed. CVE-2006-4244 was published May 1, 2022.

Session fixation vulnerability in Jetbox CMS 2.1 SR1 allows remote attackers to hijack web...
High, Unreviewed. CVE-2006-3583 was published May 1, 2022.

RealVNC 4.1.1, and other products that use RealVNC such as AdderLink IP and Cisco CallManager,...
High, Unreviewed. CVE-2006-2369 was published May 1, 2022.

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute...
High, Unreviewed. CVE-2001-0537 was published Apr 30, 2022.

Windows NT does not properly download a system policy if the domain user logs into the domain...
High, Unreviewed. CVE-1999-0987 was published Apr 30, 2022.

In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank...
High, Unreviewed. CVE-1999-0366 was published Apr 30, 2022.

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. Signed document...
High, Unreviewed. CVE-2021-43444 was published Jan 23, 2023.

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An...
High, Unreviewed. CVE-2021-43447 was published Jan 23, 2023.

ProTip! Advisories are also available from the GraphQL API.