GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,788
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,017
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

42 advisories

Filter by severity

Sort by

Least recently updated

A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5... Critical Unreviewed

CVE-2021-42911 was published Mar 30, 2022

ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker... Critical Unreviewed

CVE-2022-26674 was published Apr 23, 2022

Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and... Critical Unreviewed

CVE-2021-20307 was published May 24, 2022

The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as... Critical Unreviewed

CVE-2017-12588 was published May 17, 2022

CloudView NMS before 2.10a has a format string issue exploitable over SNMP. Critical Unreviewed

CVE-2016-5074 was published May 17, 2022

Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue... Critical Unreviewed

CVE-2015-7271 was published May 17, 2022

A vulnerability was found in multimon-ng. It has been rated as critical. This issue affects the... Critical Unreviewed

CVE-2020-36619 was published Dec 19, 2022

A vulnerability was found in intgr uqm-wasm. It has been classified as critical. This affects the... Critical Unreviewed

CVE-2020-36643 was published Jan 6, 2023

A vulnerability, which was classified as critical, has been found in sslh. This issue affects the... Critical Unreviewed

CVE-2022-4639 was published Dec 22, 2022

Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash)... Critical Unreviewed

CVE-2020-27853 was published May 24, 2022

A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could... Critical Unreviewed

CVE-2022-34747 was published Sep 7, 2022

A format string injection vulnerability exists in the ghome_process_control_packet functionality... Critical Unreviewed

CVE-2022-33938 was published Oct 25, 2022

A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed

CVE-2022-35244 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35874 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35877 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35875 was published Oct 25, 2022

Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed

CVE-2022-35876 was published Oct 25, 2022

Remote Code Execution in Apache Dubbo Critical

CVE-2021-36161 was published for org.apache.dubbo:dubbo (Maven) Sep 10, 2021

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed

CVE-2017-17407 was published May 13, 2022

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed

CVE-2017-16608 was published May 13, 2022

In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input... Critical Unreviewed

CVE-2017-10685 was published May 13, 2022

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed

CVE-2018-1352 was published May 14, 2022

Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed

CVE-2017-0898 was published May 14, 2022

A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed

CVE-2019-6840 was published May 24, 2022

** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed

CVE-2018-7544 was published May 14, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

42 advisories