Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,049
Erlang
29
GitHub Actions
18
Go
1,871
Maven
5,000+
npm
3,597
NuGet
638
pip
3,198
Pub
10
RubyGems
852
Rust
809
Swift
35
Unreviewed advisories
All unreviewed
5,000+

180 advisories

yajl-ruby gem Denial of Service vulnerability High
CVE-2017-16516 was published for yajl-ruby (RubyGems) Nov 28, 2017
tdunlap607
High severity vulnerability that affects Jinja2 High
CVE-2016-10745 was published for Jinja2 (pip) Apr 10, 2019
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed
CVE-2021-43041 was published Dec 7, 2021
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-24051 was published Feb 19, 2022
Use of Externally-Controlled Format String in wire-avs High
CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of... High Unreviewed
CVE-2003-0738 was published Apr 29, 2022
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3... High Unreviewed
CVE-2004-0777 was published Apr 29, 2022
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to... High Unreviewed
CVE-2004-1628 was published Apr 29, 2022
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and... High Unreviewed
CVE-2004-2386 was published Apr 29, 2022
Format string vulnerability in the administration function in Cisco Secure Access Control Server ... High Unreviewed
CVE-2002-0159 was published Apr 30, 2022
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote... High Unreviewed
CVE-2005-1122 was published May 1, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain... High Unreviewed
CVE-2005-1394 was published May 1, 2022
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9... High Unreviewed
CVE-2005-3154 was published May 1, 2022
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1... High Unreviewed
CVE-2006-0150 was published May 1, 2022
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0... High Unreviewed
CVE-2006-0200 was published May 1, 2022
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88... High Unreviewed
CVE-2006-1615 was published May 1, 2022
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack... High Unreviewed
CVE-2006-2453 was published May 1, 2022
Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0... High Unreviewed
CVE-2006-3573 was published May 1, 2022
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run... High Unreviewed
CVE-2006-6772 was published May 1, 2022
Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in... High Unreviewed
CVE-2007-0344 was published May 1, 2022
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows... High Unreviewed
CVE-2007-0454 was published May 1, 2022
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10... High Unreviewed
CVE-2007-0646 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API