Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,395
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12,203 advisories

Loading
Heap-based buffer overflow in loader_tga.c in imlib2 before 1.2.1, and possibly other versions,... Low Unreviewed
CVE-2006-4808 was published May 1, 2022
loader_tga.c in imlib2 before 1.2.1, and possibly other versions, allows user-assisted remote... Low Unreviewed
CVE-2006-4807 was published May 1, 2022
AlphaMail before 1.0.16 allows local users to obtain sensitive information via the logging... Low Unreviewed
CVE-2006-4787 was published May 1, 2022
PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows... Low Unreviewed
CVE-2006-4759 was published May 1, 2022
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose... Low Unreviewed
CVE-2006-4745 was published May 1, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to... Low Unreviewed
CVE-2006-4739 was published May 1, 2022
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote... Low Unreviewed
CVE-2006-4726 was published May 1, 2022
The XMLHTTP ActiveX control in Microsoft XML Parser 2.6 and XML Core Services 3.0 through 6.0... Low Unreviewed
CVE-2006-4685 was published May 1, 2022
TIBCO RendezVous 7.4.11 and earlier logs base64-encoded usernames and passwords in rvrd.db, which... Low Unreviewed
CVE-2006-4676 was published May 1, 2022
Global variable overwrite vulnerability in maincore.php in PHP-Fusion 6.01.4 and earlier uses the... Low Unreviewed
CVE-2006-4673 was published May 1, 2022
AOL ICQ Toolbar 1.3 for Internet Explorer (toolbaru.dll) does not properly validate the origin of... Low Unreviewed
CVE-2006-4661 was published May 1, 2022
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes... Low Unreviewed
CVE-2006-4650 was published May 1, 2022
AuditWizard 6.3.2, when using "Remote Audit," logs the administrator password in plaintext to... Low Unreviewed
CVE-2006-4642 was published May 1, 2022
PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server... Low Unreviewed
CVE-2006-4625 was published May 1, 2022
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to... Low Unreviewed
CVE-2006-4624 was published May 1, 2022
The popup blocker in Mozilla Firefox before 1.5.0.7 opens the "blocked popups" display in the... Low Unreviewed
CVE-2006-4569 was published May 1, 2022
Multiple unspecified vulnerabilities in the "utf8 combining characters handling" ... Low Unreviewed
CVE-2006-4573 was published May 1, 2022
Mozilla Firefox before 1.5.0.7 and Thunderbird before 1.5.0.7 makes it easy for users to accept... Low Unreviewed
CVE-2006-4567 was published May 1, 2022
includes/content/gateway.inc.php in CubeCart 3.0.12 and earlier, when magic_quotes_gpc is... Low Unreviewed
CVE-2006-4527 was published May 1, 2022
idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary... Low Unreviewed
CVE-2006-4506 was published May 1, 2022
xbiff2 1.9 creates $HOME/.xbiff2rc in a user's home directory with insecure file permissions,... Low Unreviewed
CVE-2006-4493 was published May 1, 2022
pkgadd in Sun Solaris 10 before 20060825 installs files with insecure file and directory... Low Unreviewed
CVE-2006-4439 was published May 1, 2022
User interface inconsistency in Workgroup Manager in Apple Mac OS X 10.4 through 10.4.7 appears... Low Unreviewed
CVE-2006-4399 was published May 1, 2022
CFNetwork in Apple Mac OS X 10.4 through 10.4.7 and 10.3.9 allows remote SSL sites to appear as... Low Unreviewed
CVE-2006-4390 was published May 1, 2022
Unspecified vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, when Fast User... Low Unreviewed
CVE-2006-4393 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database