GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,750
Erlang: 35
GitHub Actions: 29
Go: 2,323
Maven: 5,000+
npm: 3,956
NuGet: 712
pip: 3,739
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
1,277 advisories
Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX...
Moderate | Unreviewed | CVE-2008-3815 was published May 2, 2022

The Trend Micro Personal Firewall service (aka TmPfw.exe) in Trend Micro Network Security...
Moderate | Unreviewed | CVE-2008-3866 was published May 2, 2022

resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9...
Moderate | Unreviewed | CVE-2008-3905 was published May 2, 2022

Addalink 1.0 beta 4 and earlier allows remote attackers to (1) approve web-site additions via a...
Moderate | Unreviewed | CVE-2008-4146 was published May 2, 2022

useradmin.php in Easy Photo Gallery (aka Ezphotogallery) 2.1 does not require administrative...
Moderate | Unreviewed | CVE-2008-4167 was published May 2, 2022

fileadmin.php in Libra File Manager (aka Libra PHP File Manager) 1.18 and earlier allows remote...
Moderate | Unreviewed | CVE-2008-4319 was published May 2, 2022

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from...
Moderate | Unreviewed | CVE-2009-0021 was published May 2, 2022

BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the...
Moderate | Unreviewed | CVE-2009-0025 was published May 2, 2022

A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all...
Moderate | Unreviewed | CVE-2009-0030 was published May 2, 2022

Gale 0.99 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal...
Moderate | Unreviewed | CVE-2009-0047 was published May 2, 2022

Sun GridEngine 5.3 and earlier does not properly check the return value from the OpenSSL...
Moderate | Unreviewed | CVE-2009-0046 was published May 2, 2022

OpenEvidence 1.0.6 and earlier does not properly check the return value from the OpenSSL...
Moderate | Unreviewed | CVE-2009-0048 was published May 2, 2022

Belgian eID middleware (eidlib) 2.6.0 and earlier does not properly check the return value from...
Moderate | Unreviewed | CVE-2009-0049 was published May 2, 2022

ZXID 0.29 and earlier does not properly check the return value from the OpenSSL DSA_verify...
Moderate | Unreviewed | CVE-2009-0051 was published May 2, 2022

plugins/crypto/openssl/crypto_openssl.c in Simple Linux Utility for Resource Management (aka...
Moderate | Unreviewed | CVE-2009-0128 was published May 2, 2022

The decrypt_public function in lib/crypt.cpp in the client in Berkeley Open Infrastructure for...
Moderate | Unreviewed | CVE-2009-0126 was published May 2, 2022

The tqsl_verifyDataBlock function in openssl_cert.cpp in American Radio Relay League (ARRL)...
Moderate | Unreviewed | CVE-2009-0124 was published May 2, 2022

** DISPUTED ** NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in...
Moderate | Unreviewed | CVE-2009-0125 was published May 2, 2022

** DISPUTED ** M2Crypto does not properly check the return value from the OpenSSL EVP_VerifyFinal...
Moderate | Unreviewed | CVE-2009-0127 was published May 2, 2022

libcrypt-openssl-dsa-perl does not properly check the return value from the OpenSSL DSA_verify...
Moderate | Unreviewed | CVE-2009-0129 was published May 2, 2022

** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value...
Moderate | Unreviewed | CVE-2009-0130 was published May 2, 2022

Internet Systems Consortium (ISC) BIND 9.6.0 and earlier does not properly check the return value...
Moderate | Unreviewed | CVE-2009-0265 was published May 2, 2022

Russ Allbery pam-krb5 before 3.13, when linked against MIT Kerberos, does not properly initialize...
Moderate | Unreviewed | CVE-2009-0360 was published May 2, 2022

filter.d/wuftpd.conf in Fail2ban 0.8.3 uses an incorrect regular expression that allows remote...
Moderate | Unreviewed | CVE-2009-0362 was published May 2, 2022

IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7 does not properly handle failures of...
Moderate | Unreviewed | CVE-2009-0440 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API