Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
yajl-ruby gem Denial of Service vulnerability High
CVE-2017-16516 was published for yajl-ruby (RubyGems) Nov 28, 2017
tdunlap607
Jinja2 sandbox escape vulnerability High
CVE-2016-10745 was published for Jinja2 (pip) Apr 10, 2019
Denial of Service in Tensorflow High
CVE-2020-15203 was published for tensorflow (pip) Sep 25, 2020
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed
CVE-2021-43041 was published Dec 7, 2021
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-24051 was published Feb 19, 2022
Use of Externally-Controlled Format String in wire-avs High
CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of... High Unreviewed
CVE-2003-0738 was published Apr 29, 2022
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3... High Unreviewed
CVE-2004-0777 was published Apr 29, 2022
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to... High Unreviewed
CVE-2004-1628 was published Apr 29, 2022
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and... High Unreviewed
CVE-2004-2386 was published Apr 29, 2022
Format string vulnerability in the administration function in Cisco Secure Access Control Server ... High Unreviewed
CVE-2002-0159 was published Apr 30, 2022
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote... High Unreviewed
CVE-2005-1122 was published May 1, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain... High Unreviewed
CVE-2005-1394 was published May 1, 2022
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9... High Unreviewed
CVE-2005-3154 was published May 1, 2022
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1... High Unreviewed
CVE-2006-0150 was published May 1, 2022
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0... High Unreviewed
CVE-2006-0200 was published May 1, 2022
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88... High Unreviewed
CVE-2006-1615 was published May 1, 2022
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack... High Unreviewed
CVE-2006-2453 was published May 1, 2022
Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0... High Unreviewed
CVE-2006-3573 was published May 1, 2022
Format string vulnerability in the inputAnswer function in file.c in w3m before 0.5.2, when run... High Unreviewed
CVE-2006-6772 was published May 1, 2022
Multiple format string vulnerabilities in (1) _invitedToRoom: and (2) _invitedToDirectChat: in... High Unreviewed
CVE-2007-0344 was published May 1, 2022
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows... High Unreviewed
CVE-2007-0454 was published May 1, 2022
Format string vulnerability in iMovie HD 6.0.3, and Safari in Apple Mac OS X 10.4 through 10.4.10... High Unreviewed
CVE-2007-0646 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database