Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

329 advisories

Loading
Format string vulnerability in the SetImageInfo function in image.c for ImageMagick 6.2.3 and... Moderate Unreviewed
CVE-2006-0082 was published May 3, 2022
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote... High Unreviewed
CVE-2006-3628 was published May 3, 2022
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to... High Unreviewed
CVE-2012-0242 was published May 4, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a... High Unreviewed
CVE-2018-6508 was published May 13, 2022
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3,... High Unreviewed
CVE-2012-1851 was published May 13, 2022
Assuming radio permission is gained, missing input validation in modem interface driver prior to... Moderate Unreviewed
CVE-2021-25489 was published May 24, 2022
fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85)... High Unreviewed
CVE-2018-1000052 was published May 13, 2022
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Remote Code Execution in Apache Dubbo Critical
CVE-2021-36161 was published for org.apache.dubbo:dubbo (Maven) Sep 10, 2021
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7711 was published May 13, 2022
An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on... High Unreviewed
CVE-2019-7712 was published May 13, 2022
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to... High Unreviewed
CVE-2018-16554 was published May 13, 2022
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. Moderate Unreviewed
CVE-2018-15749 was published May 13, 2022
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format... High Unreviewed
CVE-2018-12590 was published May 13, 2022
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information... High Unreviewed
CVE-2018-6875 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1566 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17407 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-16608 was published May 13, 2022
In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user... Moderate Unreviewed
CVE-2017-7519 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-16602 was published May 13, 2022
An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior... High Unreviewed
CVE-2017-12702 was published May 13, 2022
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input... Critical Unreviewed
CVE-2017-10685 was published May 13, 2022
The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via ... High Unreviewed
CVE-2017-9212 was published May 13, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... High Unreviewed
CVE-2018-8778 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database