GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
10,867 advisories
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows...
Moderate
Unreviewed
CVE-2007-3799 was published May 1, 2022
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon...
Moderate
Unreviewed
CVE-2007-3780 was published May 1, 2022
Mail in Apple iPhone 1.1.1 allows remote user-assisted attackers to force the iPhone user to make...
Moderate
Unreviewed
CVE-2007-3755 was published May 1, 2022
Apple iPhone 1.1.1, with Bluetooth enabled, allows physically proximate attackers to cause a...
High
Unreviewed
CVE-2007-3753 was published May 1, 2022
Safari in Apple iPhone 1.1.1 allows remote user-assisted attackers to trick the iPhone user into...
Moderate
Unreviewed
CVE-2007-3757 was published May 1, 2022
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in ...
Moderate
Unreviewed
CVE-2007-3731 was published May 1, 2022
The Java XML Digital Signature implementation in Sun JDK and JRE 6 before Update 2 does not...
High
Unreviewed
CVE-2007-3716 was published May 1, 2022
Unspecified vulnerability in TOS 2.1.x, 2.2.x before 2.2.5, and 2.5.x before 2.5.2 on...
High
Unreviewed
CVE-2007-3711 was published May 1, 2022
Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly...
High
Unreviewed
CVE-2007-3715 was published May 1, 2022
TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' ...
High
Unreviewed
CVE-2007-3701 was published May 1, 2022
The NCTAudioEditor2 ActiveX control in NCTWMAFile2.dll 2.6.2.157, as distributed in...
High
Unreviewed
CVE-2007-3400 was published May 1, 2022
Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a...
High
Unreviewed
CVE-2007-3391 was published May 1, 2022
Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a...
Moderate
Unreviewed
CVE-2007-3389 was published May 1, 2022
The GDM daemon in GNOME Display Manager (GDM) before 2.14.13, 2.16.x before 2.16.7, 2.18.x before...
Low
Unreviewed
CVE-2007-3381 was published May 1, 2022
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1...
High
Unreviewed
CVE-2007-3010 was published May 1, 2022
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow...
High
Unreviewed
CVE-2007-2967 was published May 1, 2022
Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote...
High
Unreviewed
CVE-2007-2884 was published May 1, 2022
The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not...
High
Unreviewed
CVE-2007-2764 was published May 1, 2022
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2...
Low
Unreviewed
CVE-2007-2509 was published May 1, 2022
WebKit in Apple Safari 3 Beta before Update 3.0.3 does not properly recognize an unchecked ...
Moderate
Unreviewed
CVE-2007-2408 was published May 1, 2022
NMMediaServer.exe in Nero MediaHome 2.5.5.0 and CE 1.3.0.4 allows remote attackers to cause a...
High
Unreviewed
CVE-2007-2322 was published May 1, 2022
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0...
Moderate
Unreviewed
CVE-2007-2292 was published May 1, 2022
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as...
Moderate
Unreviewed
CVE-2007-2172 was published May 1, 2022
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not...
Moderate
Unreviewed
CVE-2007-1995 was published May 1, 2022
The Impulse Tracker (IT) and ScreamTracker 3 (S3M) modules in IN_MOD.DLL in AOL Nullsoft Winamp 5...
High
Unreviewed
CVE-2007-1922 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API