GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,786
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,015
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,197

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

309 advisories

Filter by severity

Sort by

Least recently updated

Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via... High Unreviewed

CVE-2022-3724 was published Dec 9, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35874 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed

CVE-2022-35885 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35875 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed

CVE-2022-35886 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed

CVE-2022-35878 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed

CVE-2022-35879 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed

CVE-2022-35881 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35876 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed

CVE-2022-35884 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed

CVE-2022-35887 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35877 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed

CVE-2022-35880 was published Oct 25, 2022

A format string injection vulnerability exists in the ghome_process_control_packet functionality... Critical Unreviewed

CVE-2022-33938 was published Oct 25, 2022

A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed

CVE-2022-35244 was published Oct 25, 2022

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed

CVE-2022-26393 was published Sep 10, 2022

The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed

CVE-2022-26392 was published Sep 10, 2022

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could... Critical Unreviewed

CVE-2022-34747 was published Sep 7, 2022

A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed

CVE-2021-3442 was published Aug 23, 2022

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed

CVE-2022-22299 was published Aug 6, 2022

Depending on the way the format strings in the card label are crafted it's possible to leak... Moderate Unreviewed

CVE-2022-2652 was published Aug 5, 2022

The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed

CVE-2022-31753 was published Jun 14, 2022

A format string vulnerability was found in libinput High Unreviewed

CVE-2022-1215 was published Jun 3, 2022

A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba... Moderate Unreviewed

CVE-2021-37735 was published May 24, 2022

Assuming radio permission is gained, missing input validation in modem interface driver prior to... Moderate Unreviewed

CVE-2021-25489 was published May 24, 2022

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

309 advisories