Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

315 advisories

Loading
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via... High Unreviewed
CVE-2022-3724 was published Dec 9, 2022
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... Moderate Unreviewed
CVE-2022-43619 was published Mar 29, 2023
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1,... High Unreviewed
CVE-2023-23783 was published Feb 16, 2023
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage... Moderate Unreviewed
CVE-2022-43869 was published Feb 12, 2023
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023... High Unreviewed
CVE-2023-21420 was published Feb 9, 2023
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of... Moderate Unreviewed
CVE-2019-18420 was published May 24, 2022
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0... High Unreviewed
CVE-2014-8170 was published May 17, 2022
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their... Critical Unreviewed
CVE-2023-22374 was published Feb 1, 2023
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x... Moderate Unreviewed
CVE-2011-4930 was published May 13, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed
CVE-2021-3442 was published Aug 23, 2022
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact... Critical Unreviewed
CVE-2016-4448 was published May 13, 2022
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8... Moderate Unreviewed
CVE-2018-14661 was published May 13, 2022
Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or... Moderate Unreviewed
CVE-2010-0743 was published May 2, 2022
Use of Externally-Controlled Format String in wire-avs High
CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and... High Unreviewed
CVE-2011-1153 was published May 17, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-24051 was published Feb 19, 2022
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit... High Unreviewed
CVE-2011-4357 was published May 17, 2022
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML ... Moderate Unreviewed
CVE-2012-1152 was published May 17, 2022
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier... High Unreviewed
CVE-2012-2090 was published May 17, 2022
Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl)... Moderate Unreviewed
CVE-2012-1151 was published May 17, 2022
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x... High Unreviewed
CVE-2012-3569 was published May 17, 2022
TiDB vulnerable to Use of Externally-Controlled Format String Critical
CVE-2022-3023 was published for github.com/pingcap/tidb (Go) Nov 4, 2022
dwisiswant0
Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow... High Unreviewed
CVE-2013-4147 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API