Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote... High Unreviewed
CVE-2006-3628 was published May 3, 2022
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to... High Unreviewed
CVE-2012-0242 was published May 4, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
Puppet Enterprise 2017.3.x prior to 2017.3.3 are vulnerable to a remote execution bug when a... High Unreviewed
CVE-2018-6508 was published May 13, 2022
Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3,... High Unreviewed
CVE-2012-1851 was published May 13, 2022
fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85)... High Unreviewed
CVE-2018-1000052 was published May 13, 2022
Format string vulnerabilities in pancurses High
CVE-2019-15546 was published for pancurses (Rust) Aug 25, 2021
An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IPCOMShell TELNET server on... High Unreviewed
CVE-2019-7712 was published May 13, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7711 was published May 13, 2022
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to... High Unreviewed
CVE-2018-16554 was published May 13, 2022
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format... High Unreviewed
CVE-2018-12590 was published May 13, 2022
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information... High Unreviewed
CVE-2018-6875 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1566 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-16602 was published May 13, 2022
An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior... High Unreviewed
CVE-2017-12702 was published May 13, 2022
The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via ... High Unreviewed
CVE-2017-9212 was published May 13, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... High Unreviewed
CVE-2018-8778 was published May 13, 2022
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing... High Unreviewed
CVE-2018-17336 was published May 14, 2022
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads... High Unreviewed
CVE-2016-5716 was published May 14, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7715 was published May 14, 2022
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. High Unreviewed
CVE-2018-5205 was published May 14, 2022
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of... High Unreviewed
CVE-2018-5207 was published May 14, 2022
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a... High Unreviewed
CVE-2016-4864 was published May 14, 2022
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.... High Unreviewed
CVE-2017-15191 was published May 14, 2022
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute... High Unreviewed
CVE-2012-0646 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database