GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
340 advisories

ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution
High | CVE-2025-55298 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025

Solar FTP Server fails to properly handle format strings passed to the USER command. When a...
High | Unreviewed | CVE-2011-10029 was published Aug 20, 2025

ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of...
Critical | Unreviewed | CVE-2012-10055 was published Aug 13, 2025

Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows...
Critical | Unreviewed | CVE-2025-40600 was published Jul 30, 2025

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139...
High | Unreviewed | CVE-2025-46121 was published Jul 21, 2025

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139...
High | Unreviewed | CVE-2025-46123 was published Jul 21, 2025

A use of externally-controlled format string vulnerability has been reported to affect Qsync...
Low | Unreviewed | CVE-2025-22482 was published Jun 6, 2025

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0...
High | Unreviewed | CVE-2024-45324 was published Mar 11, 2025

An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for...
Moderate | Unreviewed | CVE-2024-55156 was published Feb 21, 2025

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version...
Moderate | Unreviewed | CVE-2023-40721 was published Feb 11, 2025

ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape
High | CVE-2025-24359 was published for asteval (pip) Jan 24, 2025

A post-authentication format string vulnerability in SonicOS management allows a remote attacker...
Critical | Unreviewed | CVE-2024-12805 was published Jan 9, 2025

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50403 was published Dec 6, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50402 was published Dec 6, 2024

The HttpRequest object allows to get the HTTP headers from the server's response after sending...
Critical | Unreviewed | CVE-2024-42330 was published Nov 27, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50399 was published Nov 22, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
High | Unreviewed | CVE-2024-50396 was published Nov 22, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50398 was published Nov 22, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50400 was published Nov 22, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
Low | Unreviewed | CVE-2024-50401 was published Nov 22, 2024

A use of externally-controlled format string vulnerability has been reported to affect several...
High | Unreviewed | CVE-2024-50397 was published Nov 22, 2024

In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered....
Critical | Unreviewed | CVE-2024-9129 was published Oct 22, 2024

A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4...
High | Unreviewed | CVE-2024-45330 was published Oct 8, 2024

A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE)...
High | Unreviewed | CVE-2024-39529 was published Jul 11, 2024

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
Moderate | Unreviewed | CVE-2024-4641 was published Jun 25, 2024