GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,389
Composer 4,383
Erlang 33
GitHub Actions 22
Go 2,139
Maven 5,314
npm 3,800
NuGet 687
pip 3,478
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,480

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

331 advisories

Filter by severity

Sort by

Least recently updated

Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions,... High Unreviewed

CVE-2008-6519 was published May 17, 2022

Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows... High Unreviewed

CVE-2008-7074 was published May 17, 2022

An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed

CVE-2021-43041 was published Dec 7, 2021

Format string vulnerability in the b43_request_firmware function in drivers/net/wireless/b43/main... Moderate Unreviewed

CVE-2013-2852 was published May 17, 2022

Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local... High Unreviewed

CVE-2012-0809 was published May 14, 2022

Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record... High Unreviewed

CVE-2012-2369 was published May 14, 2022

Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed

CVE-2018-5704 was published May 14, 2022

The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed

CVE-2018-6317 was published May 14, 2022

Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module... Moderate Unreviewed

CVE-2017-17132 was published May 14, 2022

** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed

CVE-2018-7544 was published May 14, 2022

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed

CVE-2022-26393 was published Sep 10, 2022

The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed

CVE-2022-26392 was published Sep 10, 2022

The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed

CVE-2019-7230 was published May 24, 2022

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed

CVE-2019-7228 was published May 24, 2022

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed

CVE-2019-6840 was published May 24, 2022

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed

CVE-2017-0898 was published May 14, 2022

Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed

CVE-2010-1550 was published May 14, 2022

Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed

CVE-2008-5982 was published May 14, 2022

Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed

CVE-2008-6441 was published May 14, 2022

Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in... Moderate Unreviewed

CVE-2008-5660 was published May 14, 2022

The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC... Moderate Unreviewed

CVE-2013-3560 was published May 14, 2022

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple... High Unreviewed

CVE-2013-5135 was published May 14, 2022

Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute... High Unreviewed

CVE-2012-0646 was published May 14, 2022

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.... High Unreviewed

CVE-2017-15191 was published May 14, 2022

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed

CVE-2018-1352 was published May 14, 2022

Previous 1 2 3 4 5 6 7 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

331 advisories