GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,575
Composer 3,992
Erlang 29
GitHub Actions 16
Go 1,782
Maven 5,014
npm 3,544
NuGet 619
pip 3,134
Pub 10
RubyGems 838
Rust 795
Swift 34

Unreviewed advisories

All unreviewed 223,641

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

315 advisories

Filter by severity

Sort by

Least recently updated

Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a... Moderate Unreviewed

CVE-2013-6809 was published May 17, 2022

The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in... Moderate Unreviewed

CVE-2014-1683 was published May 17, 2022

NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to... Moderate Unreviewed

CVE-2016-1895 was published May 17, 2022

Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg... Moderate Unreviewed

CVE-2014-8625 was published May 17, 2022

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows... High Unreviewed

CVE-2014-9157 was published May 17, 2022

Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP... Critical Unreviewed

CVE-2015-8617 was published May 17, 2022

Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions,... High Unreviewed

CVE-2008-6519 was published May 17, 2022

Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows... High Unreviewed

CVE-2008-7074 was published May 17, 2022

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed

CVE-2021-43041 was published Dec 7, 2021

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main... Moderate Unreviewed

CVE-2013-2852 was published May 17, 2022

Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local... High Unreviewed

CVE-2012-0809 was published May 14, 2022

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record... High Unreviewed

CVE-2012-2369 was published May 14, 2022

Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed

CVE-2018-5704 was published May 14, 2022

The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed

CVE-2018-6317 was published May 14, 2022

Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module... Moderate Unreviewed

CVE-2017-17132 was published May 14, 2022

** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed

CVE-2018-7544 was published May 14, 2022

The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed

CVE-2019-7230 was published May 24, 2022

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed

CVE-2022-26393 was published Sep 10, 2022

The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed

CVE-2022-26392 was published Sep 10, 2022

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed

CVE-2019-7228 was published May 24, 2022

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed

CVE-2019-6840 was published May 24, 2022

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed

CVE-2017-0898 was published May 14, 2022

Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed

CVE-2010-1550 was published May 14, 2022

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed

CVE-2008-5982 was published May 14, 2022

Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed

CVE-2008-6441 was published May 14, 2022

Previous 1 2 3 4 5 6 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

315 advisories