GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,544 advisories
Splunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable...
High, Unreviewed: CVE-2011-4644 was published May 17, 2022

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite...
High, Unreviewed: CVE-2011-3478 was published May 14, 2022

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and...
High, Unreviewed: CVE-2011-4051 was published May 17, 2022

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters...
High, Unreviewed: CVE-2010-4478 was published May 17, 2022

The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the...
High, Unreviewed: CVE-2010-4279 was published May 14, 2022

Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication...
High, Unreviewed: CVE-2010-4333 was published May 14, 2022

Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and...
High, Unreviewed: CVE-2010-4332 was published May 14, 2022

The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build...
High, Unreviewed: CVE-2010-0833 was published May 2, 2022

Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass...
High, Unreviewed: CVE-2009-4830 was published May 2, 2022

There is a difficult to exploit improper authentication issue in the Home application for Esri...
High, Unreviewed: CVE-2024-25699 was published Apr 4, 2024

The DMSDP module of the distributed hardware has a vulnerability that may cause imposter control...
High, Unreviewed: CVE-2022-47976 was published Jan 6, 2023

Saltstack Salt Unauthenticated Arbitrary Code Execution
High: CVE-2021-25315 was published for salt (pip) May 24, 2022

Joomla CMS Multi-Factor Authentication Bypass
High: CVE-2025-25227 was published for joomla/joomla-cms (Composer) Apr 8, 2025

VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and...
High, Unreviewed: CVE-2009-3027 was published May 2, 2022

myPhile 1.2.1 allows remote attackers to bypass authentication via an empty password. NOTE: some...
High, Unreviewed: CVE-2009-4095 was published May 2, 2022

login.php in PhpAddEdit 1.3 allows remote attackers to bypass authentication and gain...
High, Unreviewed: CVE-2008-6581 was published May 17, 2022

Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold...
High, Unreviewed: CVE-2008-4037 was published May 2, 2022

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain...
High, Unreviewed: CVE-2008-4721 was published May 17, 2022

The management console in the Volume Manager Scheduler Service (aka VxSchedService.exe) in...
High, Unreviewed: CVE-2008-3703 was published May 2, 2022

js/pages/pages_data.php in AuraCMS 2.2 through 2.2.2 does not perform authentication, which...
High, Unreviewed: CVE-2008-3203 was published May 1, 2022

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote...
High, Unreviewed: CVE-2008-1106 was published May 1, 2022

The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in...
High, Unreviewed: CVE-2008-1949 was published May 1, 2022

The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string...
High, Unreviewed: CVE-2008-1930 was published May 1, 2022

The ExpandCert function in Apache-SSL before apache_1.3.41+ssl_1.59 does not properly handle (1) ...
High, Unreviewed: CVE-2008-0555 was published May 1, 2022

cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or...
High, Unreviewed: CVE-2008-1334 was published May 1, 2022