GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,024
Maven
5,000+
npm
3,731
NuGet
662
pip
3,407
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
311 advisories
Filter by severity
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP...
High
Unreviewed
CVE-2021-43041
was published
Dec 7, 2021
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2022-24051
was published
Feb 19, 2022
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5...
Critical
Unreviewed
CVE-2021-42911
was published
Mar 30, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker...
Critical
Unreviewed
CVE-2022-26674
was published
Apr 23, 2022
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2003-0738
was published
Apr 29, 2022
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life...
Moderate
Unreviewed
CVE-2003-1381
was published
Apr 29, 2022
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3...
High
Unreviewed
CVE-2004-0777
was published
Apr 29, 2022
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to...
High
Unreviewed
CVE-2004-1628
was published
Apr 29, 2022
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and...
High
Unreviewed
CVE-2004-2386
was published
Apr 29, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown...
Moderate
Unreviewed
CVE-2004-2714
was published
Apr 29, 2022
Format string vulnerability in the administration function in Cisco Secure Access Control Server ...
High
Unreviewed
CVE-2002-0159
was published
Apr 30, 2022
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote...
High
Unreviewed
CVE-2005-1122
was published
May 1, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain...
High
Unreviewed
CVE-2005-1394
was published
May 1, 2022
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9...
High
Unreviewed
CVE-2005-3154
was published
May 1, 2022
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1...
High
Unreviewed
CVE-2006-0150
was published
May 1, 2022
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0...
High
Unreviewed
CVE-2006-0200
was published
May 1, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)...
Moderate
Unreviewed
CVE-2006-0705
was published
May 1, 2022
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and...
Moderate
Unreviewed
CVE-2006-0771
was published
May 1, 2022
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6...
Moderate
Unreviewed
CVE-2006-1471
was published
May 1, 2022
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88...
High
Unreviewed
CVE-2006-1615
was published
May 1, 2022
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a...
Moderate
Unreviewed
CVE-2006-1840
was published
May 1, 2022
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN...
Moderate
Unreviewed
CVE-2006-2409
was published
May 1, 2022
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack...
High
Unreviewed
CVE-2006-2453
was published
May 1, 2022
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of...
Moderate
Unreviewed
CVE-2006-2480
was published
May 1, 2022
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April...
Moderate
Unreviewed
CVE-2006-3469
was published
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API