GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,766 advisories
Multiple SSH2 servers and clients do not properly handle strings with null characters in them...
High | Unreviewed | CVE-2002-1360 was published Apr 30, 2022
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may...
High | Unreviewed | CVE-2002-1359 was published Apr 30, 2022
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings,...
High | Unreviewed | CVE-2002-1358 was published Apr 30, 2022
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a...
Moderate | Unreviewed | CVE-2002-1175 was published Apr 30, 2022
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2001-1584 was published Apr 30, 2022
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote...
Moderate | Unreviewed | CVE-2001-0748 was published Apr 30, 2022
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty...
Moderate | Unreviewed | CVE-2001-0566 was published Apr 30, 2022
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft...
Moderate | Unreviewed | CVE-2001-0509 was published Apr 30, 2022
Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of...
High | Unreviewed | CVE-2001-0427 was published Apr 30, 2022
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file...
High | Unreviewed | CVE-2000-0400 was published Apr 30, 2022
The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote...
High | Unreviewed | CVE-2000-0380 was published Apr 30, 2022
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a...
High | Unreviewed | CVE-2000-0258 was published Apr 30, 2022
Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a...
High | Unreviewed | CVE-1999-1547 was published Apr 30, 2022
Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed...
Moderate | Unreviewed | CVE-1999-0999 was published Apr 30, 2022
Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service...
High | Unreviewed | CVE-1999-0995 was published Apr 30, 2022
Denial of service in various Windows systems via malformed, fragmented IGMP packets.
High | Unreviewed | CVE-1999-0918 was published Apr 30, 2022
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Moderate | Unreviewed | CVE-1999-0867 was published Apr 30, 2022
An attacker can conduct a denial of service in Windows NT by executing a program with a malformed...
High | Unreviewed | CVE-1999-0726 was published Apr 30, 2022
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
High | Unreviewed | CVE-1999-0721 was published Apr 30, 2022
ICMP redirect messages may crash or lock up a host.
Moderate | Unreviewed | CVE-1999-0265 was published Apr 30, 2022
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-1999-0001 was published Apr 30, 2022
It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on...
High | Unreviewed | CVE-2018-10923 was published Apr 30, 2022
A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux...
Moderate | Unreviewed | CVE-2019-3460 was published Apr 30, 2022
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier...
High | Unreviewed | CVE-2004-2771 was published Apr 29, 2022
Unspecified vulnerability in Gyach Enhanced (Gyach-E) before 1.0.4 allows remote attackers to...
Moderate | Unreviewed | CVE-2004-2706 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API