GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
42 advisories
Filter by severity
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an...
Critical
Unreviewed
CVE-2018-6317
was published
May 14, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data...
Critical
Unreviewed
CVE-2018-5704
was published
May 14, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP...
Critical
Unreviewed
CVE-2015-8617
was published
May 17, 2022
TiDB vulnerable to Use of Externally-Controlled Format String
Critical
CVE-2022-3023
was published
for
github.com/pingcap/tidb
(Go)
Nov 4, 2022
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact...
Critical
Unreviewed
CVE-2016-4448
was published
May 13, 2022
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their...
Critical
Unreviewed
CVE-2023-22374
was published
Feb 1, 2023
Mishandling of format strings in rusqlite
Critical
CVE-2020-35869
was published
for
rusqlite
(Rust)
Aug 25, 2021
Use of Externally-Controlled Format String in consoleme
Critical
CVE-2022-27177
was published
for
consoleme
(pip)
Apr 3, 2022
A vulnerability regarding use of externally-controlled format string is found in the cgi...
Critical
Unreviewed
CVE-2023-5746
was published
Oct 25, 2023
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7...
Critical
Unreviewed
CVE-2024-23113
was published
Feb 15, 2024
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This...
Critical
Unreviewed
CVE-2015-10088
was published
Mar 5, 2023
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an...
Critical
Unreviewed
CVE-2019-12297
was published
May 24, 2022
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can...
Critical
Unreviewed
CVE-2023-2186
was published
Jun 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This...
Critical
Unreviewed
CVE-2023-35087
was published
Jul 21, 2023
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: dbg-tlv:...
Critical
Unreviewed
CVE-2024-35845
was published
May 17, 2024
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered....
Critical
Unreviewed
CVE-2024-9129
was published
Oct 22, 2024
The HttpRequest object allows to get the HTTP headers from the server's response after sending...
Critical
Unreviewed
CVE-2024-42330
was published
Nov 27, 2024
ProTip!
Advisories are also available from the
GraphQL API