GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
173 advisories
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode...
High | Unreviewed | CVE-2022-35879 | published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode...
High | Unreviewed | CVE-2022-35878 | published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode...
High | Unreviewed | CVE-2022-35880 | published Oct 25, 2022

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode...
High | Unreviewed | CVE-2022-35881 | published Oct 25, 2022

The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An...
High | Unreviewed | CVE-2022-26393 | published Sep 10, 2022

A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0...
High | Unreviewed | CVE-2022-22299 | published Aug 6, 2022

The voice wakeup module has a vulnerability of using externally-controlled format strings....
High | Unreviewed | CVE-2022-31753 | published Jun 14, 2022

A format string vulnerability was found in libinput
High | Unreviewed | CVE-2022-1215 | published Jun 3, 2022

** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code...
High | Unreviewed | CVE-2021-35331 | published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string...
High | Unreviewed | CVE-2021-33535 | published May 24, 2022

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is...
High | Unreviewed | CVE-2021-29740 | published May 24, 2022

A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to...
High | Unreviewed | CVE-2021-30145 | published May 24, 2022

In the standard library in Rust before 1.50.3, there is an optimization for joining strings that...
High | Unreviewed | CVE-2020-36323 | published May 24, 2022

A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote...
High | Unreviewed | CVE-2020-29018 | published May 24, 2022

On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N...
High | Unreviewed | CVE-2020-27524 | published May 24, 2022

AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited...
High | Unreviewed | CVE-2020-13160 | published May 24, 2022

cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171).
High | Unreviewed | CVE-2016-10773 | published May 24, 2022

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2...
High | Unreviewed | CVE-2019-1579 | published May 24, 2022

The ABB IDAL HTTP server mishandles format strings in a username or cookie during the...
High | Unreviewed | CVE-2019-7228 | published May 24, 2022

The ABB IDAL FTP server mishandles format strings in a username during the authentication process...
High | Unreviewed | CVE-2019-7230 | published May 24, 2022

Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows...
High | Unreviewed | CVE-2018-14713 | published May 24, 2022

Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core...
High | Unreviewed | CVE-2014-6262 | published May 17, 2022

Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact...
High | Unreviewed | CVE-2008-7228 | published May 17, 2022

Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7...
High | Unreviewed | CVE-2010-2271 | published May 17, 2022

Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and...
High | Unreviewed | CVE-2010-4235 | published May 17, 2022