GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,856
Erlang: 36
GitHub Actions: 36
Go: 2,486
Maven: 5,000+
npm: 4,104
NuGet: 735
pip: 3,918
Pub: 12
RubyGems: 945
Rust: 1,017
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
12,392 advisories
Cross-site scripting (XSS) vulnerability in login.php in Utopia News Pro 1.4.0 allows remote...
Low | Unreviewed | CVE-2007-3129 was published May 1, 2022

The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not...
Low | Unreviewed | CVE-2007-3108 was published May 1, 2022

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC...
Low | Unreviewed | CVE-2007-3107 was published May 1, 2022

usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with...
Low | Unreviewed | CVE-2007-3100 was published May 1, 2022

usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's...
Low | Unreviewed | CVE-2007-3099 was published May 1, 2022

libclamav/others.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 uses insecure permissions for...
Low | Unreviewed | CVE-2007-3024 was published May 1, 2022

Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates...
Low | Unreviewed | CVE-2007-2999 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in calendar.php in Jelsoft vBulletin 3.6.x before 3.6.7...
Low | Unreviewed | CVE-2007-2909 was published May 1, 2022

The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system...
Low | Unreviewed | CVE-2007-2894 was published May 1, 2022

Integer underflow in the cpuset_tasks_read function in the Linux kernel before 2.6.20.13, and 2.6...
Low | Unreviewed | CVE-2007-2875 was published May 1, 2022

SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual...
Low | Unreviewed | CVE-2007-2873 was published May 1, 2022

The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server)...
Low | Unreviewed | CVE-2007-2837 was published May 1, 2022

xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the...
Low | Unreviewed | CVE-2007-2797 was published May 1, 2022

The viewList function in lib/WebGUI/Asset/Wobject/DataForm.pm in Plain Black WebGUI before 7.3.14...
Low | Unreviewed | CVE-2007-2746 was published May 1, 2022

The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0...
Low | Unreviewed | CVE-2007-2727 was published May 1, 2022

BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a...
Low | Unreviewed | CVE-2007-2703 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2...
Low | Unreviewed | CVE-2007-2702 was published May 1, 2022

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain...
Low | Unreviewed | CVE-2007-2693 was published May 1, 2022

Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&"...
Low | Unreviewed | CVE-2007-2683 was published May 1, 2022

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10...
Low | Unreviewed | CVE-2007-2617 was published May 1, 2022

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information ...
Low | Unreviewed | CVE-2007-2580 was published May 1, 2022

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2...
Low | Unreviewed | CVE-2007-2509 was published May 1, 2022

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1)...
Low | Unreviewed | CVE-2007-2453 was published May 1, 2022

Apache Tomcat vulnerable to Cross-site Scripting
Low | CVE-2007-2450 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users...
Low | Unreviewed | CVE-2007-2448 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API