Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12,061 advisories

Loading
Unspecified vulnerability in HP-UX B.11.00, B.11.11 and B.11.23, when running in trusted mode,... Low Unreviewed
CVE-2006-4187 was published May 1, 2022
Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended... Low Unreviewed
CVE-2006-4092 was published May 1, 2022
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which... Low Unreviewed
CVE-2006-4080 was published May 1, 2022
Sign extension vulnerability in the createBrushIndirect function in the GDI library (gdi32.dll)... Low Unreviewed
CVE-2006-4071 was published May 1, 2022
The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows... Low Unreviewed
CVE-2006-4066 was published May 1, 2022
Unspecified vulnerability in the utxconfig utility in Sun Ray Server Software 3.x allows local... Low Unreviewed
CVE-2006-4049 was published May 1, 2022
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a... Low Unreviewed
CVE-2006-4031 was published May 1, 2022
The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large... Low Unreviewed
CVE-2006-4021 was published May 1, 2022
PHP remote file inclusion vulnerability in esupport/admin/autoclose.php in Kayako eSupport 2.3.1... Low Unreviewed
CVE-2006-4011 was published May 1, 2022
Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2... Low Unreviewed
CVE-2006-3943 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in Alkacon OpenCms before 6.2.2 allows remote... Low Unreviewed
CVE-2006-3933 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in add.php in Fire-Mouse Toplist 1.1 and earlier, when... Low Unreviewed
CVE-2006-3923 was published May 1, 2022
Stack-based buffer overflow in the SFX module in WinRAR before 3.60 beta 8 has unspecified... Low Unreviewed
CVE-2006-3912 was published May 1, 2022
Opsware Network Automation System (NAS) 6.0 installs /etc/init.d/mysql with insecure permissions,... Low Unreviewed
CVE-2006-3878 was published May 1, 2022
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users... Low Unreviewed
CVE-2006-3856 was published May 1, 2022
IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in... Low Unreviewed
CVE-2006-3858 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in WebScarab before 20060718-1904, when used with... Low Unreviewed
CVE-2006-3841 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in CGI wrapper for IP Calculator (IPCalc) 0.40 allows... Low Unreviewed
CVE-2006-3848 was published May 1, 2022
The IPv4 implementation in Sun Solaris 10 before 20060721 allows local users to select routes... Low Unreviewed
CVE-2006-3825 was published May 1, 2022
heartbeat.c in heartbeat before 2.0.6 sets insecure permissions in a shmget call for shared... Low Unreviewed
CVE-2006-3815 was published May 1, 2022
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE... Low Unreviewed
CVE-2006-3813 was published May 1, 2022
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not... Low Unreviewed
CVE-2006-3785 was published May 1, 2022
kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the... Low Unreviewed
CVE-2006-3787 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote... Low Unreviewed
CVE-2006-3795 was published May 1, 2022
Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files,... Low Unreviewed
CVE-2006-3786 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database