Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

172 advisories

Loading
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35884 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35880 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35887 was published Oct 25, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed
CVE-2022-31753 was published Jun 14, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string... High Unreviewed
CVE-2021-33535 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is... High Unreviewed
CVE-2021-29740 was published May 24, 2022
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to... High Unreviewed
CVE-2021-30145 was published May 24, 2022
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote... High Unreviewed
CVE-2020-29018 was published May 24, 2022
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N... High Unreviewed
CVE-2020-27524 was published May 24, 2022
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited... High Unreviewed
CVE-2020-13160 was published May 24, 2022
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). High Unreviewed
CVE-2016-10773 was published May 24, 2022
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2... High Unreviewed
CVE-2019-1579 was published May 24, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed
CVE-2019-7228 was published May 24, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed
CVE-2019-7230 was published May 24, 2022
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows... High Unreviewed
CVE-2018-14713 was published May 24, 2022
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core... High Unreviewed
CVE-2014-6262 was published May 17, 2022
Multiple format string vulnerabilities in White_Dune before 0.29beta851 have unspecified impact... High Unreviewed
CVE-2008-7228 was published May 17, 2022
Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7... High Unreviewed
CVE-2010-2271 was published May 17, 2022
Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and... High Unreviewed
CVE-2010-4235 was published May 17, 2022
Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail... High Unreviewed
CVE-2011-2475 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API