Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

184 advisories

Loading
Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple... High Unreviewed
CVE-2013-5135 was published May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed
CVE-2008-6441 was published May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed
CVE-2008-5982 was published May 14, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed
CVE-2010-1550 was published May 14, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed
CVE-2019-7228 was published May 24, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed
CVE-2019-7230 was published May 24, 2022
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record... High Unreviewed
CVE-2012-2369 was published May 14, 2022
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local... High Unreviewed
CVE-2012-0809 was published May 14, 2022
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed
CVE-2021-43041 was published Dec 7, 2021
Format string vulnerability in MemeCode Software i.Scribe 1.88 through 2.00 before Beta9 allows... High Unreviewed
CVE-2008-7074 was published May 17, 2022
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions,... High Unreviewed
CVE-2008-6519 was published May 17, 2022
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows... High Unreviewed
CVE-2014-9157 was published May 17, 2022
Multiple format string vulnerabilities in Yet Another Radius Daemon (YARD RADIUS) 1.1.2 allow... High Unreviewed
CVE-2013-4147 was published May 17, 2022
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x... High Unreviewed
CVE-2012-3569 was published May 17, 2022
Multiple format string vulnerabilities in FlightGear 2.6 and earlier and SimGear 2.6 and earlier... High Unreviewed
CVE-2012-2090 was published May 17, 2022
Format string vulnerability in the p_cgi_error function in python/neo_cgi.c in the Python CGI Kit... High Unreviewed
CVE-2011-4357 was published May 17, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-24051 was published Feb 19, 2022
Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and... High Unreviewed
CVE-2011-1153 was published May 17, 2022
Use of Externally-Controlled Format String in wire-avs High
CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0... High Unreviewed
CVE-2014-8170 was published May 17, 2022
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023... High Unreviewed
CVE-2023-21420 was published Feb 9, 2023
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1,... High Unreviewed
CVE-2023-23783 was published Feb 16, 2023
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via... High Unreviewed
CVE-2022-3724 was published Dec 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database