GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
10,919 advisories
Filter by severity
The Disney Go Express Search allows remote attackers to access and modify search information for...
Low
Unreviewed
CVE-1999-1009
was published
Apr 30, 2022
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
Low
Unreviewed
CVE-1999-1001
was published
Apr 30, 2022
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid...
Low
Unreviewed
CVE-1999-0990
was published
Apr 30, 2022
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then...
Low
Unreviewed
CVE-1999-0976
was published
Apr 30, 2022
MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
Low
Unreviewed
CVE-1999-0957
was published
Apr 30, 2022
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large...
Low
Unreviewed
CVE-1999-0912
was published
Apr 30, 2022
WebTrends software stores account names and passwords in a file which does not have restricted...
Low
Unreviewed
CVE-1999-0916
was published
Apr 30, 2022
sccw allows local users to read arbitrary files.
Low
Unreviewed
CVE-1999-0907
was published
Apr 30, 2022
Alibaba web server allows remote attackers to execute commands via a pipe character in a...
Low
Unreviewed
CVE-1999-0885
was published
Apr 30, 2022
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
Low
Unreviewed
CVE-1999-0893
was published
Apr 30, 2022
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame...
Low
Unreviewed
CVE-1999-0869
was published
Apr 30, 2022
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame...
Low
Unreviewed
CVE-1999-0871
was published
Apr 30, 2022
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name...
Low
Unreviewed
CVE-1999-0870
was published
Apr 30, 2022
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
Low
Unreviewed
CVE-1999-0861
was published
Apr 30, 2022
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain...
Low
Unreviewed
CVE-1999-0862
was published
Apr 30, 2022
FreeBSD gdc program allows local users to modify files via a symlink attack.
Low
Unreviewed
CVE-1999-0857
was published
Apr 30, 2022
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file...
Low
Unreviewed
CVE-1999-0859
was published
Apr 30, 2022
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental...
Low
Unreviewed
CVE-1999-0860
was published
Apr 30, 2022
The default permissions for Endymion MailMan allow local users to read email or modify files.
Low
Unreviewed
CVE-1999-0850
was published
Apr 30, 2022
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary...
Low
Unreviewed
CVE-1999-0828
was published
Apr 30, 2022
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across...
Low
Unreviewed
CVE-1999-0827
was published
Apr 30, 2022
The default permissions for UnixWare /var/mail allow local users to read and modify other users'...
Low
Unreviewed
CVE-1999-0825
was published
Apr 30, 2022
NIS finger allows an attacker to conduct a denial of service via a large number of finger...
Low
Unreviewed
CVE-1999-0797
was published
Apr 30, 2022
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a...
Low
Unreviewed
CVE-1999-0803
was published
Apr 30, 2022
A remote attacker can read information from a Netscape user's cache via JavaScript.
Low
Unreviewed
CVE-1999-0790
was published
Apr 30, 2022
ProTip!
Advisories are also available from the
GraphQL API