Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable... Moderate Unreviewed
CVE-2024-4641 was published Jun 25, 2024
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5,... Moderate Unreviewed
CVE-2023-45583 was published May 14, 2024
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4,... Moderate Unreviewed
CVE-2023-36640 was published May 14, 2024
Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows.... Moderate Unreviewed
CVE-2024-23914 was published May 3, 2024
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and... Moderate Unreviewed
CVE-2023-48784 was published Apr 9, 2024
A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1... Moderate Unreviewed
CVE-2023-22923 was published May 1, 2023
This vulnerability allows remote attackers to disclose sensitive information on affected... Moderate Unreviewed
CVE-2019-13318 was published May 24, 2022
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager... Moderate Unreviewed
CVE-2023-41842 was published Mar 12, 2024
A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch... Moderate Unreviewed
CVE-2023-6399 was published Feb 20, 2024
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
actionmailer email address processing causes Denial of service Moderate
CVE-2013-4389 was published for actionmailer (RubyGems) Oct 24, 2017
gtk2 vulnerable to Use of Externally-Controlled Format String Moderate
CVE-2007-6183 was published for gtk2 (RubyGems) Oct 24, 2017
Plone Sandbox Escape Moderate
CVE-2017-5524 was published for Plone (pip) Jul 12, 2018
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... Moderate Unreviewed
CVE-2022-43619 was published Mar 29, 2023
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage... Moderate Unreviewed
CVE-2022-43869 was published Feb 12, 2023
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of... Moderate Unreviewed
CVE-2019-18420 was published May 24, 2022
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x... Moderate Unreviewed
CVE-2011-4930 was published May 13, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed
CVE-2021-3442 was published Aug 23, 2022
It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8... Moderate Unreviewed
CVE-2018-14661 was published May 13, 2022
Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or... Moderate Unreviewed
CVE-2010-0743 was published May 2, 2022
Multiple format string vulnerabilities in the error reporting functionality in the YAML::LibYAML ... Moderate Unreviewed
CVE-2012-1152 was published May 17, 2022
Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl)... Moderate Unreviewed
CVE-2012-1151 was published May 17, 2022
Format string vulnerability in the client in Tftpd32 before 4.50 allows remote servers to cause a... Moderate Unreviewed
CVE-2013-6809 was published May 17, 2022
The bashMail function in cms/data/skins/techjunkie/fragments/contacts/functions.php in... Moderate Unreviewed
CVE-2014-1683 was published May 17, 2022
NetApp Data ONTAP before 8.2.5 and 8.3.x before 8.3.2P12 allow remote authenticated users to... Moderate Unreviewed
CVE-2016-1895 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API