Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10,919 advisories

Loading
The Disney Go Express Search allows remote attackers to access and modify search information for... Low Unreviewed
CVE-1999-1009 was published Apr 30, 2022
Cisco Cache Engine allows a remote attacker to gain access via a null username and password. Low Unreviewed
CVE-1999-1001 was published Apr 30, 2022
Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid... Low Unreviewed
CVE-1999-0990 was published Apr 30, 2022
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then... Low Unreviewed
CVE-1999-0976 was published Apr 30, 2022
MajorCool mj_key_cache program allows local users to modify files via a symlink attack. Low Unreviewed
CVE-1999-0957 was published Apr 30, 2022
FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large... Low Unreviewed
CVE-1999-0912 was published Apr 30, 2022
WebTrends software stores account names and passwords in a file which does not have restricted... Low Unreviewed
CVE-1999-0916 was published Apr 30, 2022
sccw allows local users to read arbitrary files. Low Unreviewed
CVE-1999-0907 was published Apr 30, 2022
Alibaba web server allows remote attackers to execute commands via a pipe character in a... Low Unreviewed
CVE-1999-0885 was published Apr 30, 2022
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. Low Unreviewed
CVE-1999-0893 was published Apr 30, 2022
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame... Low Unreviewed
CVE-1999-0869 was published Apr 30, 2022
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame... Low Unreviewed
CVE-1999-0871 was published Apr 30, 2022
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name... Low Unreviewed
CVE-1999-0870 was published Apr 30, 2022
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext. Low Unreviewed
CVE-1999-0861 was published Apr 30, 2022
Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain... Low Unreviewed
CVE-1999-0862 was published Apr 30, 2022
FreeBSD gdc program allows local users to modify files via a symlink attack. Low Unreviewed
CVE-1999-0857 was published Apr 30, 2022
Solaris arp allows local users to read files via the -f parameter, which lists lines in the file... Low Unreviewed
CVE-1999-0859 was published Apr 30, 2022
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental... Low Unreviewed
CVE-1999-0860 was published Apr 30, 2022
The default permissions for Endymion MailMan allow local users to read email or modify files. Low Unreviewed
CVE-1999-0850 was published Apr 30, 2022
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary... Low Unreviewed
CVE-1999-0828 was published Apr 30, 2022
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across... Low Unreviewed
CVE-1999-0827 was published Apr 30, 2022
The default permissions for UnixWare /var/mail allow local users to read and modify other users'... Low Unreviewed
CVE-1999-0825 was published Apr 30, 2022
NIS finger allows an attacker to conduct a denial of service via a large number of finger... Low Unreviewed
CVE-1999-0797 was published Apr 30, 2022
The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a... Low Unreviewed
CVE-1999-0803 was published Apr 30, 2022
A remote attacker can read information from a Netscape user's cache via JavaScript. Low Unreviewed
CVE-1999-0790 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database