GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
883 advisories
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local...
Low, Unreviewed: CVE-2021-25519 was published Dec 9, 2021

In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible way to...
Low, Unreviewed: CVE-2021-0983 was published Dec 16, 2021

Full list of recipients from customer users in a contact field could be disclosed in notification...
Low, Unreviewed: CVE-2022-0474 was published Feb 8, 2022

Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751...
Low, Unreviewed: CVE-2022-25830 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751...
Low, Unreviewed: CVE-2022-25829 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows...
Low, Unreviewed: CVE-2022-25826 was published Mar 11, 2022

Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows...
Low, Unreviewed: CVE-2022-25828 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows...
Low, Unreviewed: CVE-2022-25827 was published Mar 11, 2022

Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741...
Low, Unreviewed: CVE-2022-25823 was published Mar 11, 2022

chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a...
Low, Unreviewed: CVE-2003-1366 was published Apr 29, 2022

The installer for BackOffice Server includes account names and passwords in a setup file (reboot...
Low, Unreviewed: CVE-1999-0372 was published Apr 30, 2022

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
Low, Unreviewed: CVE-1999-0524 was published Apr 30, 2022

Microsoft Java Virtual Machine allows remote attackers to read files via the...
Low, Unreviewed: CVE-2000-0132 was published Apr 30, 2022

Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain...
Low, Unreviewed: CVE-2000-0368 was published Apr 30, 2022

IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0...
Low, Unreviewed: CVE-2000-0649 was published Apr 30, 2022

iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "...
Low, Unreviewed: CVE-2001-1387 was published Apr 30, 2022

IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP...
Low, Unreviewed: CVE-2002-0422 was published Apr 30, 2022

Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers...
Low, Unreviewed: CVE-2002-2409 was published Apr 30, 2022

An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory...
Low, Unreviewed: CVE-2005-2752 was published May 1, 2022

fetchmailconf before 1.49 in fetchmail 6.2.0, 6.2.5 and 6.2.5.2 creates configuration files with...
Low, Unreviewed: CVE-2005-3088 was published May 1, 2022

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low, Unreviewed: CVE-2005-4868 was published May 1, 2022

** DISPUTED ** MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive...
Low, Unreviewed: CVE-2006-0369 was published May 1, 2022

unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator,...
Low, Unreviewed: CVE-2006-0353 was published May 1, 2022

NSSecureTextField in AppKit in Apple Mac OS X 10.4.6 does not re-enable secure event input under...
Low, Unreviewed: CVE-2006-1439 was published May 1, 2022

V3 Chat allows remote attackers to obtain the installation path via (1) an invalid id parameter...
Low, Unreviewed: CVE-2006-3365 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.