Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11,257 advisories

Loading
CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. Low Unreviewed
CVE-2002-0138 was published Apr 30, 2022
efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via... Low Unreviewed
CVE-2002-0129 was published Apr 30, 2022
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID,... Low Unreviewed
CVE-2002-0121 was published Apr 30, 2022
Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a... Low Unreviewed
CVE-2002-0120 was published Apr 30, 2022
Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames... Low Unreviewed
CVE-2002-0110 was published Apr 30, 2022
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a... Low Unreviewed
CVE-2002-0087 was published Apr 30, 2022
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges,... Low Unreviewed
CVE-2002-0080 was published Apr 30, 2022
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript... Low Unreviewed
CVE-2002-0044 was published Apr 30, 2022
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical... Low Unreviewed
CVE-2001-1578 was published Apr 30, 2022
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user... Low Unreviewed
CVE-2001-1593 was published Apr 30, 2022
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce... Low Unreviewed
CVE-2001-1564 was published Apr 30, 2022
Windows XP with fast user switching and account lockout enabled allows local users to deny user... Low Unreviewed
CVE-2001-1570 was published Apr 30, 2022
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the... Low Unreviewed
CVE-2001-1565 was published Apr 30, 2022
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering... Low Unreviewed
CVE-2001-1548 was published Apr 30, 2022
Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to... Low Unreviewed
CVE-2001-1560 was published Apr 30, 2022
Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP... Low Unreviewed
CVE-2001-1549 was published Apr 30, 2022
The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead... Low Unreviewed
CVE-2001-1559 was published Apr 30, 2022
CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64... Low Unreviewed
CVE-2001-1550 was published Apr 30, 2022
Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to... Low Unreviewed
CVE-2001-1551 was published Apr 30, 2022
mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable... Low Unreviewed
CVE-2001-1534 was published Apr 30, 2022
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to... Low Unreviewed
CVE-2001-1521 was published Apr 30, 2022
easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which... Low Unreviewed
CVE-2001-1527 was published Apr 30, 2022
Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor,... Low Unreviewed
CVE-2001-1520 was published Apr 30, 2022
** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named... Low Unreviewed
CVE-2001-1519 was published Apr 30, 2022
** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in... Low Unreviewed
CVE-2001-1517 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database