GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
31 advisories
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier;...
High | Unreviewed | CVE-2008-5416 was published May 14, 2022

Scrubber.py in Mailman 2.1.5-8 does not properly handle UTF8 character encodings in filenames of...
Moderate | Unreviewed | CVE-2005-3573 was published May 3, 2022

Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier...
High | Unreviewed | CVE-2005-0064 was published May 3, 2022

The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not...
Low | Unreviewed | CVE-2010-0622 was published May 2, 2022

The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not...
Moderate | Unreviewed | CVE-2010-0415 was published May 2, 2022

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a...
Moderate | Unreviewed | CVE-2010-0410 was published May 2, 2022

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of...
Moderate | Unreviewed | CVE-2010-0291 was published May 2, 2022

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux...
Low | Unreviewed | CVE-2010-0007 was published May 2, 2022

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the...
Moderate | Unreviewed | CVE-2010-0003 was published May 2, 2022

The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel...
High | Unreviewed | CVE-2009-4308 was published May 2, 2022

Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2,...
High | Unreviewed | CVE-2008-0106 was published May 1, 2022

Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE...
High | Unreviewed | CVE-2008-0107 was published May 1, 2022

SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express...
Moderate | Unreviewed | CVE-2008-0085 was published May 1, 2022

Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5...
High | Unreviewed | CVE-2006-6731 was published May 1, 2022

tiki-view_forum_thread.php in TikiWiki 1.9.0 through 1.9.2 allows remote attackers to obtain the...
Moderate | Unreviewed | CVE-2005-3529 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in tiki-view_forum_thread.php in TikiWiki 1.9.0 through...
Moderate | Unreviewed | CVE-2005-3528 was published May 1, 2022

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions,...
High | Unreviewed | CVE-2005-2236 was published May 1, 2022

Desktop Rover 3.0, and possibly earlier versions, allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2005-1204 was published May 1, 2022

PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared...
Moderate | Unreviewed | CVE-2005-0227 was published May 1, 2022

The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local...
Moderate | Unreviewed | CVE-2005-0155 was published May 1, 2022

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support ...
Low | Unreviewed | CVE-2005-0156 was published May 1, 2022

ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash)...
Moderate | Unreviewed | CVE-2005-0133 was published May 1, 2022

Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote...
Moderate | Unreviewed | CVE-2005-0096 was published May 1, 2022

The NTLM component in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2005-0097 was published May 1, 2022

The WCCP message parsing code in Squid 2.5.STABLE7 and earlier allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2005-0095 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.