Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

39 advisories

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7... Critical Unreviewed
CVE-2024-23113 was published Feb 15, 2024
A vulnerability regarding use of externally-controlled format string is found in the cgi... Critical Unreviewed
CVE-2023-5746 was published Oct 25, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This... Critical Unreviewed
CVE-2023-35087 was published Jul 21, 2023
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can... Critical Unreviewed
CVE-2023-2186 was published Jun 7, 2023
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This... Critical Unreviewed
CVE-2015-10088 was published Mar 5, 2023
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their... Critical Unreviewed
CVE-2023-22374 was published Feb 1, 2023
A vulnerability was found in intgr uqm-wasm. It has been classified as critical. This affects the... Critical Unreviewed
CVE-2020-36643 was published Jan 6, 2023
A vulnerability, which was classified as critical, has been found in sslh. This issue affects the... Critical Unreviewed
CVE-2022-4639 was published Dec 22, 2022
A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the... Critical Unreviewed
CVE-2020-36619 was published Dec 19, 2022
TiDB vulnerable to Use of Externally-Controlled Format String Critical
CVE-2022-3023 was published for github.com/pingcap/tidb (Go) Nov 4, 2022
dwisiswant0
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35874 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35875 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35876 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35877 was published Oct 25, 2022
A format string injection vulnerability exists in the ghome_process_control_packet functionality... Critical Unreviewed
CVE-2022-33938 was published Oct 25, 2022
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed
CVE-2022-35244 was published Oct 25, 2022
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could... Critical Unreviewed
CVE-2022-34747 was published Sep 7, 2022
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and... Critical Unreviewed
CVE-2021-20307 was published May 24, 2022
Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash)... Critical Unreviewed
CVE-2020-27853 was published May 24, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed
CVE-2019-6840 was published May 24, 2022
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an... Critical Unreviewed
CVE-2019-12297 was published May 24, 2022
Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue... Critical Unreviewed
CVE-2015-7271 was published May 17, 2022
CloudView NMS before 2.10a has a format string issue exploitable over SNMP. Critical Unreviewed
CVE-2016-5074 was published May 17, 2022
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as... Critical Unreviewed
CVE-2017-12588 was published May 17, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP... Critical Unreviewed
CVE-2015-8617 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API