GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,856
Composer 4,262
Erlang 31
GitHub Actions 21
Go 2,030
Maven 5,210
npm 3,732
NuGet 662
pip 3,409
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,186

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

327 advisories

Filter by severity

Sort by

Least recently updated

The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads... High Unreviewed

CVE-2016-5716 was published May 14, 2022

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing... High Unreviewed

CVE-2018-17336 was published May 14, 2022

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... High Unreviewed

CVE-2018-8778 was published May 13, 2022

The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via ... High Unreviewed

CVE-2017-9212 was published May 13, 2022

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input... Critical Unreviewed

CVE-2017-10685 was published May 13, 2022

An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior... High Unreviewed

CVE-2017-12702 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed

CVE-2017-16608 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed

CVE-2017-16602 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed

CVE-2017-17407 was published May 13, 2022

In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user... Moderate Unreviewed

CVE-2017-7519 was published May 13, 2022

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS... High Unreviewed

CVE-2018-0175 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed

CVE-2018-1566 was published May 13, 2022

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact... Critical Unreviewed

CVE-2016-4448 was published May 13, 2022

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to... High Unreviewed

CVE-2018-16554 was published May 13, 2022

Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information... High Unreviewed

CVE-2018-6875 was published May 13, 2022

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format... High Unreviewed

CVE-2018-12590 was published May 13, 2022

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. Moderate Unreviewed

CVE-2018-15749 was published May 13, 2022

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed

CVE-2019-7711 was published May 13, 2022

An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on... High Unreviewed

CVE-2019-7712 was published May 13, 2022

fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85)... High Unreviewed

CVE-2018-1000052 was published May 13, 2022

Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3,... High Unreviewed

CVE-2012-1851 was published May 13, 2022

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x... Moderate Unreviewed

CVE-2011-4930 was published May 13, 2022

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8... Moderate Unreviewed

CVE-2018-14661 was published May 13, 2022

Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a... High Unreviewed

CVE-2018-6508 was published May 13, 2022

Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to... High Unreviewed

CVE-2012-0242 was published May 4, 2022

Previous 1 2 … 6 7 8 9 10 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

327 advisories