GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
315 advisories
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via...
High | Unreviewed | CVE-2022-3724 was published Dec 9, 2022

Mishandling of format strings in rusqlite
Critical | CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021

Mishandling of format strings in ncurses
High | CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
Moderate | Unreviewed | CVE-2022-43619 was published Mar 29, 2023

A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1,...
High | Unreviewed | CVE-2023-23783 was published Feb 16, 2023

IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage...
Moderate | Unreviewed | CVE-2022-43869 was published Feb 12, 2023

Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023...
High | Unreviewed | CVE-2023-21420 was published Feb 9, 2023

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of...
Moderate | Unreviewed | CVE-2019-18420 was published May 24, 2022

ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0...
High | Unreviewed | CVE-2014-8170 was published May 17, 2022

In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their...
Critical | Unreviewed | CVE-2023-22374 was published Feb 1, 2023

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x...
Moderate | Unreviewed | CVE-2011-4930 was published May 13, 2022

A flaw was found in the Red Hat OpenShift API Management product. User input is not validated...
Moderate | Unreviewed | CVE-2021-3442 was published Aug 23, 2022

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact...
Critical | Unreviewed | CVE-2016-4448 was published May 13, 2022

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8...
Moderate | Unreviewed | CVE-2018-14661 was published May 13, 2022

Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or...
Moderate | Unreviewed | CVE-2010-0743 was published May 2, 2022

Use of Externally-Controlled Format String in wire-avs
High | CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022

Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and...
High | Unreviewed | CVE-2011-1153 was published May 17, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of...
High | Unreviewed | CVE-2022-24051 was published Feb 19, 2022

Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit...
High | Unreviewed | CVE-2011-4357 was published May 17, 2022

Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML ...
Moderate | Unreviewed | CVE-2012-1152 was published May 17, 2022

Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier...
High | Unreviewed | CVE-2012-2090 was published May 17, 2022

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl)...
Moderate | Unreviewed | CVE-2012-1151 was published May 17, 2022

Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x...
High | Unreviewed | CVE-2012-3569 was published May 17, 2022

TiDB vulnerable to Use of Externally-Controlled Format String
Critical | CVE-2022-3023 was published for github.com/pingcap/tidb (Go) Nov 4, 2022

Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow...
High | Unreviewed | CVE-2013-4147 was published May 17, 2022