Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

180 advisories

Loading
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2... High Unreviewed
CVE-2019-1579 was published May 24, 2022
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS... High Unreviewed
CVE-2018-0175 was published May 13, 2022
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE)... High Unreviewed
CVE-2024-39529 was published Jul 11, 2024
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain... High Unreviewed
CVE-2005-1394 was published May 1, 2022
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-6145 was published Jun 19, 2024
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for... High Unreviewed
CVE-2022-26941 was published Oct 19, 2023
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within... High Unreviewed
CVE-2023-41349 was published Sep 18, 2023
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2... High Unreviewed
CVE-2023-33011 was published Jul 17, 2023
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4,... High Unreviewed
CVE-2022-43953 was published Jun 13, 2023
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May... High Unreviewed
CVE-2023-21497 was published May 4, 2023
A valid, authenticated user may be able to trigger a denial of service of the XCC web user... High Unreviewed
CVE-2023-25492 was published May 1, 2023
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). High Unreviewed
CVE-2016-10773 was published May 24, 2022
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows... High Unreviewed
CVE-2018-14713 was published May 24, 2022
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core... High Unreviewed
CVE-2014-6262 was published May 17, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API.... High Unreviewed
CVE-2023-39240 was published Sep 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This... High Unreviewed
CVE-2023-39239 was published Sep 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused... High Unreviewed
CVE-2023-39238 was published Sep 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This... High Unreviewed
CVE-2023-35086 was published Jul 21, 2023
Apache Airflow vulnerable to Use of Externally-Controlled Format String High
CVE-2022-40604 was published for apache-airflow (pip) Sep 22, 2022
sunSUNQ
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0... High Unreviewed
CVE-2023-29181 was published Feb 22, 2024
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP... High Unreviewed
CVE-2023-6764 was published Feb 20, 2024
A format string issue in the Controller 6000's optional diagnostic web interface can be used... High Unreviewed
CVE-2023-24590 was published Dec 19, 2023
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4,... High Unreviewed
CVE-2023-36639 was published Dec 13, 2023
ProTip! Advisories are also available from the GraphQL API