GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
9,608 advisories
FTP backend for Duplicity Discloses Passwords to Process Listing
Moderate: CVE-2007-5201 was published for duplicity (pip), May 1, 2022

Quicksilver Forums before 1.4.1 allows remote attackers to obtain sensitive information by...
Moderate, Unreviewed: CVE-2007-5172 was published May 1, 2022

SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control,...
Moderate, Unreviewed: CVE-2007-5129 was published May 1, 2022

ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content...
Moderate, Unreviewed: CVE-2007-5034 was published May 1, 2022

Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib...
High, Unreviewed: CVE-2007-5028 was published May 1, 2022

Unspecified vulnerability in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1,...
Moderate, Unreviewed: CVE-2007-5022 was published May 1, 2022

webbatch.exe in WebBatch allows remote attackers to obtain sensitive information via the...
Moderate, Unreviewed: CVE-2007-5011 was published May 1, 2022

The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2...
Moderate, Unreviewed: CVE-2007-4991 was published May 1, 2022

SAXON 5.4, with display_errors enabled, allows remote attackers to obtain sensitive information...
Moderate, Unreviewed: CVE-2007-4861 was published May 1, 2022

The Networking component in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to obtain...
Moderate, Unreviewed: CVE-2007-4688 was published May 1, 2022

The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA...
Moderate, Unreviewed: CVE-2007-4669 was published May 1, 2022

backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username,...
Low, Unreviewed: CVE-2007-4656 was published May 1, 2022

Unspecified vulnerability in HP ProCurve Manager and HP ProCurve Manager Plus 2.3 and earlier...
Moderate, Unreviewed: CVE-2007-4514 was published May 1, 2022

The eHCA driver in Linux kernel 2.6 before 2.6.22, when running on PowerPC, does not properly map...
Low, Unreviewed: CVE-2007-3850 was published May 1, 2022

Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4...
Moderate, Unreviewed: CVE-2007-3756 was published May 1, 2022

class/page.php in Farsi Script (aka FaScript) FaName 1.0 allows remote attackers to obtain...
Moderate, Unreviewed: CVE-2007-3651 was published May 1, 2022

myWebland myBloggie 2.1.6 allow remote attackers to obtain sensitive information via (1) an...
Moderate, Unreviewed: CVE-2007-3650 was published May 1, 2022

Apache Tomcat Mishandles Character Sequence in Cookies
Moderate: CVE-2007-3385 was published for org.apache.tomcat:tomcat (Maven), May 1, 2022

Apache Tomcat treats single quotes as delimiters in cookies
Moderate: CVE-2007-3382 was published for org.apache.tomcat:tomcat (Maven), May 1, 2022

Mozilla Firefox 2.0.0.4 and earlier allows remote attackers to read files in the local Firefox...
Moderate, Unreviewed: CVE-2007-3074 was published May 1, 2022

PsychoStats 3.0.6b and earlier allows remote attackers to obtain sensitive information via a...
Moderate, Unreviewed: CVE-2007-2780 was published May 1, 2022

OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to...
Moderate, Unreviewed: CVE-2007-2768 was published May 1, 2022

The substr_count function in PHP 5.2.1 and earlier allows context-dependent attackers to obtain...
Moderate, Unreviewed: CVE-2007-2748 was published May 1, 2022

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell...
Moderate, Unreviewed: CVE-2007-2590 was published May 1, 2022

The RecentChanges feature in WikkaWiki (Wikka Wiki) before 1.1.6.3 allows remote attackers to...
Moderate, Unreviewed: CVE-2007-2552 was published May 1, 2022