GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
38 advisories
Filter by severity
The HttpRequest object allows to get the HTTP headers from the server's response after sending...
Critical
Unreviewed
CVE-2024-42330
was published
Nov 27, 2024
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered....
Critical
Unreviewed
CVE-2024-9129
was published
Oct 22, 2024
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: dbg-tlv:...
Critical
Unreviewed
CVE-2024-35845
was published
May 17, 2024
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This...
Critical
Unreviewed
CVE-2023-35087
was published
Jul 21, 2023
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can...
Critical
Unreviewed
CVE-2023-2186
was published
Jun 7, 2023
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an...
Critical
Unreviewed
CVE-2019-12297
was published
May 24, 2022
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This...
Critical
Unreviewed
CVE-2015-10088
was published
Mar 5, 2023
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7...
Critical
Unreviewed
CVE-2024-23113
was published
Feb 15, 2024
A vulnerability regarding use of externally-controlled format string is found in the cgi...
Critical
Unreviewed
CVE-2023-5746
was published
Oct 25, 2023
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their...
Critical
Unreviewed
CVE-2023-22374
was published
Feb 1, 2023
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact...
Critical
Unreviewed
CVE-2016-4448
was published
May 13, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP...
Critical
Unreviewed
CVE-2015-8617
was published
May 17, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data...
Critical
Unreviewed
CVE-2018-5704
was published
May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an...
Critical
Unreviewed
CVE-2018-6317
was published
May 14, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in...
Critical
Unreviewed
CVE-2018-7544
was published
May 14, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX...
Critical
Unreviewed
CVE-2019-6840
was published
May 24, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a...
Critical
Unreviewed
CVE-2017-0898
was published
May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized...
Critical
Unreviewed
CVE-2018-1352
was published
May 14, 2022
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input...
Critical
Unreviewed
CVE-2017-10685
was published
May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical
Unreviewed
CVE-2017-16608
was published
May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations...
Critical
Unreviewed
CVE-2017-17407
was published
May 13, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode...
Critical
Unreviewed
CVE-2022-35875
was published
Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode...
Critical
Unreviewed
CVE-2022-35876
was published
Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode...
Critical
Unreviewed
CVE-2022-35874
was published
Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode...
Critical
Unreviewed
CVE-2022-35877
was published
Oct 25, 2022
ProTip!
Advisories are also available from the
GraphQL API