GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,270 advisories
The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business...
High | Unreviewed | CVE-2008-2433 was published May 1, 2022

The administration application server in Sun Java Active Server Pages (ASP) Server before 4.0.3...
High | Unreviewed | CVE-2008-2406 was published May 1, 2022

MyPicGallery 1.0 allows remote attackers to bypass application authentication and gain...
High | Unreviewed | CVE-2008-2347 was published May 1, 2022

Admin.php in Web Slider 0.6 allows remote attackers to bypass authentication and gain privileges...
High | Unreviewed | CVE-2008-2298 was published May 1, 2022

admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote...
High | Unreviewed | CVE-2008-2282 was published May 1, 2022

AustinSmoke GasTracker (AS-GasTracker) 1.0.0 allows remote attackers to bypass authentication and...
High | Unreviewed | CVE-2008-2269 was published May 1, 2022

phShoutBox Final 1.5 and earlier only checks passwords when specified in $_POST, which allows...
High | Unreviewed | CVE-2008-1971 was published May 1, 2022

The _gnutls_recv_client_kx_message function in lib/gnutls_kx.c in libgnutls in gnutls-serv in...
High | Unreviewed | CVE-2008-1949 was published May 1, 2022

The cookie authentication method in WordPress 2.5 relies on a hash of a concatenated string...
High | Unreviewed | CVE-2008-1930 was published May 1, 2022

Cicoandcico CcMail 1.0.1 and earlier does not verify that the this_cookie cookie corresponds to...
High | Unreviewed | CVE-2008-1904 was published May 1, 2022

admin/sauvBase.php in Blog Pixel Motion (aka Blog PixelMotion) does not require authentication,...
High | Unreviewed | CVE-2008-1868 was published May 1, 2022

KnowledgeQuest 2.5 and 2.6 does not require authentication for access to admincheck.php, which...
High | Unreviewed | CVE-2008-1727 was published May 1, 2022

Plone CMS does not record users' authentication states, and implements the logout feature solely...
High | Unreviewed | CVE-2008-1395 was published May 1, 2022

Gallarific does not require authentication for (1) users.php and (2) index.php, which allows...
High | Unreviewed | CVE-2008-1327 was published May 1, 2022

cgi/b on the BT Home Hub router allows remote attackers to bypass authentication, and read or...
High | Unreviewed | CVE-2008-1334 was published May 1, 2022

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not...
High | Unreviewed | CVE-2008-1262 was published May 1, 2022

The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication...
High | Unreviewed | CVE-2008-1268 was published May 1, 2022

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers...
High | Unreviewed | CVE-2008-1264 was published May 1, 2022

cp06_wifi_m_nocifr.cgi in the admin panel on the Alice Gate 2 Plus Wi-Fi router does not verify...
High | Unreviewed | CVE-2008-1269 was published May 1, 2022

The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains authentication state by IP...
High | Unreviewed | CVE-2008-1259 was published May 1, 2022

cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require...
High | Unreviewed | CVE-2008-1244 was published May 1, 2022

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products,...
High | Unreviewed | CVE-2008-1154 was published May 1, 2022

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote...
High | Unreviewed | CVE-2008-1106 was published May 1, 2022

SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x...
High | Unreviewed | CVE-2008-0960 was published May 1, 2022

EMC DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to...
High | Unreviewed | CVE-2008-0961 was published May 1, 2022