GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
176 advisories
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions,...
High | Unreviewed | CVE-2008-6519 was published May 17, 2022
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows...
High | Unreviewed | CVE-2008-7074 was published May 17, 2022
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0...
High | Unreviewed | CVE-2014-8170 was published May 17, 2022
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local...
High | Unreviewed | CVE-2012-0809 was published May 14, 2022
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record...
High | Unreviewed | CVE-2012-2369 was published May 14, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7...
High | Unreviewed | CVE-2010-1550 was published May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute...
High | Unreviewed | CVE-2008-5982 was published May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,...
High | Unreviewed | CVE-2008-6441 was published May 14, 2022
Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple...
High | Unreviewed | CVE-2013-5135 was published May 14, 2022
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute...
High | Unreviewed | CVE-2012-0646 was published May 14, 2022
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a...
High | Unreviewed | CVE-2016-4864 was published May 14, 2022
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash....
High | Unreviewed | CVE-2017-15191 was published May 14, 2022
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
High | Unreviewed | CVE-2018-5205 was published May 14, 2022
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of...
High | Unreviewed | CVE-2018-5207 was published May 14, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5...
High | Unreviewed | CVE-2019-7715 was published May 14, 2022
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads...
High | Unreviewed | CVE-2016-5716 was published May 14, 2022
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing...
High | Unreviewed | CVE-2018-17336 was published May 14, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0...
High | Unreviewed | CVE-2018-8778 was published May 13, 2022
The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via ...
High | Unreviewed | CVE-2017-9212 was published May 13, 2022
An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior...
High | Unreviewed | CVE-2017-12702 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
High | Unreviewed | CVE-2017-16602 was published May 13, 2022
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS...
High | Unreviewed | CVE-2018-0175 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could...
High | Unreviewed | CVE-2018-1566 was published May 13, 2022
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to...
High | Unreviewed | CVE-2018-16554 was published May 13, 2022
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information...
High | Unreviewed | CVE-2018-6875 was published May 13, 2022