Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

191 advisories

Loading
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May... High Unreviewed
CVE-2023-21497 was published May 4, 2023
A valid, authenticated user may be able to trigger a denial of service of the XCC web user... High Unreviewed
CVE-2023-25492 was published May 1, 2023
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1,... High Unreviewed
CVE-2023-23783 was published Feb 16, 2023
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023... High Unreviewed
CVE-2023-21420 was published Feb 9, 2023
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via... High Unreviewed
CVE-2022-3724 was published Dec 9, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35885 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35881 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35880 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35884 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35887 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35886 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35878 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35879 was published Oct 25, 2022
Apache Airflow vulnerable to Use of Externally-Controlled Format String High
CVE-2022-40604 was published for apache-airflow (pip) Sep 22, 2022
sunSUNQ
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed
CVE-2022-31753 was published Jun 14, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string... High Unreviewed
CVE-2021-33535 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is... High Unreviewed
CVE-2021-29740 was published May 24, 2022
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to... High Unreviewed
CVE-2021-30145 was published May 24, 2022
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote... High Unreviewed
CVE-2020-29018 was published May 24, 2022
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N... High Unreviewed
CVE-2020-27524 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database