GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
315 advisories

An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on...
High | Unreviewed | CVE-2019-7712 was published May 13, 2022

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5...
High | Unreviewed | CVE-2019-7711 was published May 13, 2022

Remote Code Execution in Apache Dubbo
Critical | CVE-2021-36161 was published for org.apache.dubbo:dubbo (Maven) Sep 10, 2021

Format string vulnerabilities in pancurses
High | CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021

fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85)...
High | Unreviewed | CVE-2018-1000052 was published May 13, 2022

Assuming radio permission is gained, missing input validation in modem interface driver prior to...
Moderate | Unreviewed | CVE-2021-25489 was published May 24, 2022

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3,...
High | Unreviewed | CVE-2012-1851 was published May 13, 2022

Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a...
High | Unreviewed | CVE-2018-6508 was published May 13, 2022

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0...
High | Unreviewed | CVE-2022-22299 was published Aug 6, 2022

Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to...
High | Unreviewed | CVE-2012-0242 was published May 4, 2022

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote...
High | Unreviewed | CVE-2006-3628 was published May 3, 2022

Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and...
Moderate | Unreviewed | CVE-2006-0082 was published May 3, 2022

Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when...
High | Unreviewed | CVE-2005-3656 was published May 3, 2022

Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that...
Moderate | Unreviewed | CVE-2004-0179 was published May 3, 2022

Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10...
Moderate | Unreviewed | CVE-2010-1376 was published May 2, 2022

Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5...
High | Unreviewed | CVE-2010-1139 was published May 2, 2022

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and...
High | Unreviewed | CVE-2010-1039 was published May 2, 2022

Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web...
High | Unreviewed | CVE-2010-0388 was published May 2, 2022

Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote...
Moderate | Unreviewed | CVE-2009-4775 was published May 2, 2022

VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in...
Moderate | Unreviewed | CVE-2009-4811 was published May 2, 2022

Format string vulnerability in War FTP Daemon (warftpd) 1.82 RC 12 allows remote authenticated...
Moderate | Unreviewed | CVE-2009-5141 was published May 2, 2022

VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in...
Moderate | Unreviewed | CVE-2009-3707 was published May 2, 2022

Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4...
High | Unreviewed | CVE-2009-3663 was published May 2, 2022

Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live...
High | Unreviewed | CVE-2009-3051 was published May 2, 2022

ProTip! Advisories are also available from the GraphQL API.