Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

11,385 advisories

Loading
Oi! Email Marketing System 3.0 (aka Oi! 3) stores the server's FTP password in cleartext on a... Low Unreviewed
CVE-2006-0920 was published May 1, 2022
Melange Chat Server (aka M-Chat), when accessed via a web browser, automatically sends cookies... Low Unreviewed
CVE-2006-0917 was published May 1, 2022
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization... Low Unreviewed
CVE-2006-0898 was published May 1, 2022
index.php in Invision Power Board (IPB) 2.0.1, with Code Confirmation disabled, allows remote... Low Unreviewed
CVE-2006-0888 was published May 1, 2022
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the (1) CMS_DBPASS, ... Low Unreviewed
CVE-2006-0838 was published May 1, 2022
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for (1) /etc... Low Unreviewed
CVE-2006-0837 was published May 1, 2022
Mozilla Thunderbird 1.5 allows user-assisted attackers to cause an unspecified denial of service... Low Unreviewed
CVE-2006-0836 was published May 1, 2022
Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated... Low Unreviewed
CVE-2006-0810 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in the NS-Languages module for PostNuke 0.761 and... Low Unreviewed
CVE-2006-0802 was published May 1, 2022
Interpretation conflict in PostNuke 0.761 and earlier allows remote attackers to conduct cross... Low Unreviewed
CVE-2006-0800 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows... Low Unreviewed
CVE-2006-0770 was published May 1, 2022
LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote... Low Unreviewed
CVE-2006-0760 was published May 1, 2022
Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote... Low Unreviewed
CVE-2006-0753 was published May 1, 2022
Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a... Low Unreviewed
CVE-2006-0741 was published May 1, 2022
** DISPUTED ** Cross-site scripting (XSS) vulnerability in WordPress 2.0.0 allows remote... Low Unreviewed
CVE-2006-0733 was published May 1, 2022
profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled,... Low Unreviewed
CVE-2006-0724 was published May 1, 2022
PHP remote file inclusion vulnerability in preview.php in Reamday Enterprises Magic News Lite 1.2... Low Unreviewed
CVE-2006-0723 was published May 1, 2022
settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled,... Low Unreviewed
CVE-2006-0722 was published May 1, 2022
iE Integrator 4.4.220114, when configured without a "bespoke error page" in acm.ini, allows... Low Unreviewed
CVE-2006-0704 was published May 1, 2022
PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3,... Low Unreviewed
CVE-2006-0678 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in Softcomplex PHP Event Calendar 1.5 allows remote... Low Unreviewed
CVE-2006-0657 was published May 1, 2022
Orbicule Undercover allows attackers with physical or root access to disable the protection by... Low Unreviewed
CVE-2006-0640 was published May 1, 2022
Orbicule Undercover uses a third-party web server to determine the IP address through which the... Low Unreviewed
CVE-2006-0641 was published May 1, 2022
The PSCipher function in PeopleSoft People Tools 8.4x uses PKCS #5 with a fixed DES key to store... Low Unreviewed
CVE-2006-0584 was published May 1, 2022
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when... Low Unreviewed
CVE-2006-0582 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database