Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows... Moderate Unreviewed
CVE-2007-0051 was published May 1, 2022
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access... Moderate Unreviewed
CVE-2007-0017 was published May 1, 2022
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause... Moderate Unreviewed
CVE-2006-6751 was published May 1, 2022
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April... Moderate Unreviewed
CVE-2006-3469 was published May 1, 2022
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of... Moderate Unreviewed
CVE-2006-2480 was published May 1, 2022
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN... Moderate Unreviewed
CVE-2006-2409 was published May 1, 2022
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a... Moderate Unreviewed
CVE-2006-1840 was published May 1, 2022
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6... Moderate Unreviewed
CVE-2006-1471 was published May 1, 2022
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and... Moderate Unreviewed
CVE-2006-0771 was published May 1, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)... Moderate Unreviewed
CVE-2006-0705 was published May 1, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown... Moderate Unreviewed
CVE-2004-2714 was published Apr 29, 2022
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life... Moderate Unreviewed
CVE-2003-1381 was published Apr 29, 2022
Plone Sandbox Escape Moderate
CVE-2017-5524 was published for Plone (pip) Jul 12, 2018
gtk2 vulnerable to Use of Externally-Controlled Format String Moderate
CVE-2007-6183 was published for gtk2 (RubyGems) Oct 24, 2017
actionmailer email address processing causes Denial of service Moderate
CVE-2013-4389 was published for actionmailer (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API