Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

340 advisories

Loading
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35874 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35877 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35875 was published Oct 25, 2022
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed
CVE-2022-35244 was published Oct 25, 2022
A format string injection vulnerability exists in the ghome_process_control_packet functionality... Critical Unreviewed
CVE-2022-33938 was published Oct 25, 2022
Apache Airflow vulnerable to Use of Externally-Controlled Format String High
CVE-2022-40604 was published for apache-airflow (pip) Sep 22, 2022
sunSUNQ
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed
CVE-2022-26392 was published Sep 10, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could... Critical Unreviewed
CVE-2022-34747 was published Sep 7, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed
CVE-2021-3442 was published Aug 23, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
Depending on the way the format strings in the card label are crafted it's possible to leak... Moderate Unreviewed
CVE-2022-2652 was published Aug 5, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed
CVE-2022-31753 was published Jun 14, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba... Moderate Unreviewed
CVE-2021-37735 was published May 24, 2022
Assuming radio permission is gained, missing input validation in modem interface driver prior to... Moderate Unreviewed
CVE-2021-25489 was published May 24, 2022
A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW... Moderate Unreviewed
CVE-2021-28846 was published May 24, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string... High Unreviewed
CVE-2021-33535 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is... High Unreviewed
CVE-2021-29740 was published May 24, 2022
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to... High Unreviewed
CVE-2021-30145 was published May 24, 2022
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and... Critical Unreviewed
CVE-2021-20307 was published May 24, 2022
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote... High Unreviewed
CVE-2020-29018 was published May 24, 2022
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N... High Unreviewed
CVE-2020-27524 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database