GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,139
Maven
5,000+
npm
3,799
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
330 advisories
Filter by severity
Apache log4net format string vulnerability causes DoS
Moderate
CVE-2006-0743
was published
for
log4net
(NuGet)
May 1, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)...
Moderate
Unreviewed
CVE-2006-0705
was published
May 1, 2022
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0...
High
Unreviewed
CVE-2006-0200
was published
May 1, 2022
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1...
High
Unreviewed
CVE-2006-0150
was published
May 1, 2022
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9...
High
Unreviewed
CVE-2005-3154
was published
May 1, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain...
High
Unreviewed
CVE-2005-1394
was published
May 1, 2022
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote...
High
Unreviewed
CVE-2005-1122
was published
May 1, 2022
Format string vulnerability in the administration function in Cisco Secure Access Control Server ...
High
Unreviewed
CVE-2002-0159
was published
Apr 30, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown...
Moderate
Unreviewed
CVE-2004-2714
was published
Apr 29, 2022
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and...
High
Unreviewed
CVE-2004-2386
was published
Apr 29, 2022
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to...
High
Unreviewed
CVE-2004-1628
was published
Apr 29, 2022
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3...
High
Unreviewed
CVE-2004-0777
was published
Apr 29, 2022
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life...
Moderate
Unreviewed
CVE-2003-1381
was published
Apr 29, 2022
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2003-0738
was published
Apr 29, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker...
Critical
Unreviewed
CVE-2022-26674
was published
Apr 23, 2022
Use of Externally-Controlled Format String in consoleme
Critical
CVE-2022-27177
was published
for
consoleme
(pip)
Apr 3, 2022
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5...
Critical
Unreviewed
CVE-2021-42911
was published
Mar 30, 2022
Use of Externally-Controlled Format String in wire-avs
High
CVE-2021-41193
was published
for
com.wire:avs
(Maven)
Mar 1, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2022-24051
was published
Feb 19, 2022
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP...
High
Unreviewed
CVE-2021-43041
was published
Dec 7, 2021
Remote Code Execution in Apache Dubbo
Critical
CVE-2021-36161
was published
for
org.apache.dubbo:dubbo
(Maven)
Sep 10, 2021
Mishandling of format strings in ncurses
High
CVE-2019-15547
was published
for
ncurses
(Rust)
Aug 25, 2021
Format string vulnerabilities in pancurses
High
CVE-2019-15546
was published
for
pancurses
(Rust)
Aug 25, 2021
Mishandling of format strings in rusqlite
Critical
CVE-2020-35869
was published
for
rusqlite
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API