GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
315 advisories
Filter by severity
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a...
Moderate
Unreviewed
CVE-2013-6809
was published
May 17, 2022
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in...
Moderate
Unreviewed
CVE-2014-1683
was published
May 17, 2022
NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to...
Moderate
Unreviewed
CVE-2016-1895
was published
May 17, 2022
Multiple format string vulnerabilities in the parse_error_msg function in parsehelp.c in dpkg...
Moderate
Unreviewed
CVE-2014-8625
was published
May 17, 2022
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows...
High
Unreviewed
CVE-2014-9157
was published
May 17, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP...
Critical
Unreviewed
CVE-2015-8617
was published
May 17, 2022
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions,...
High
Unreviewed
CVE-2008-6519
was published
May 17, 2022
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows...
High
Unreviewed
CVE-2008-7074
was published
May 17, 2022
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP...
High
Unreviewed
CVE-2021-43041
was published
Dec 7, 2021
Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main...
Moderate
Unreviewed
CVE-2013-2852
was published
May 17, 2022
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local...
High
Unreviewed
CVE-2012-0809
was published
May 14, 2022
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record...
High
Unreviewed
CVE-2012-2369
was published
May 14, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data...
Critical
Unreviewed
CVE-2018-5704
was published
May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an...
Critical
Unreviewed
CVE-2018-6317
was published
May 14, 2022
Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module...
Moderate
Unreviewed
CVE-2017-17132
was published
May 14, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in...
Critical
Unreviewed
CVE-2018-7544
was published
May 14, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process...
High
Unreviewed
CVE-2019-7230
was published
May 24, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An...
High
Unreviewed
CVE-2022-26393
was published
Sep 10, 2022
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)...
Moderate
Unreviewed
CVE-2022-26392
was published
Sep 10, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the...
High
Unreviewed
CVE-2019-7228
was published
May 24, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX...
Critical
Unreviewed
CVE-2019-6840
was published
May 24, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a...
Critical
Unreviewed
CVE-2017-0898
was published
May 14, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7...
High
Unreviewed
CVE-2010-1550
was published
May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute...
High
Unreviewed
CVE-2008-5982
was published
May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,...
High
Unreviewed
CVE-2008-6441
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API