Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
CloudView NMS before 2.10a has a format string issue exploitable over SNMP. Critical Unreviewed
CVE-2016-5074 was published May 17, 2022
The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as... Critical Unreviewed
CVE-2017-12588 was published May 17, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP... Critical Unreviewed
CVE-2015-8617 was published May 17, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed
CVE-2018-5704 was published May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed
CVE-2018-6317 was published May 14, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed
CVE-2018-7544 was published May 14, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed
CVE-2017-0898 was published May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed
CVE-2018-1352 was published May 14, 2022
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input... Critical Unreviewed
CVE-2017-10685 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-16608 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17407 was published May 13, 2022
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact... Critical Unreviewed
CVE-2016-4448 was published May 13, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker... Critical Unreviewed
CVE-2022-26674 was published Apr 23, 2022
Use of Externally-Controlled Format String in consoleme Critical
CVE-2022-27177 was published for consoleme (pip) Apr 3, 2022
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5... Critical Unreviewed
CVE-2021-42911 was published Mar 30, 2022
Remote Code Execution in Apache Dubbo Critical
CVE-2021-36161 was published for org.apache.dubbo:dubbo (Maven) Sep 10, 2021
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database