Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,467
Erlang
33
GitHub Actions
23
Go
2,172
Maven
5,000+
npm
3,832
NuGet
696
pip
3,508
Pub
12
RubyGems
910
Rust
907
Swift
38
Unreviewed advisories
All unreviewed
5,000+

333 advisories

Loading
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed
CVE-2021-3442 was published Aug 23, 2022
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x... Moderate Unreviewed
CVE-2011-4930 was published May 13, 2022
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their... Critical Unreviewed
CVE-2023-22374 was published Feb 1, 2023
ovirt_safe_delete_config in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0... High Unreviewed
CVE-2014-8170 was published May 17, 2022
An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of... Moderate Unreviewed
CVE-2019-18420 was published May 24, 2022
Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023... High Unreviewed
CVE-2023-21420 was published Feb 9, 2023
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage... Moderate Unreviewed
CVE-2022-43869 was published Feb 12, 2023
A use of externally-controlled format string in Fortinet FortiWeb version 7.0.0 through 7.0.1,... High Unreviewed
CVE-2023-23783 was published Feb 16, 2023
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... Moderate Unreviewed
CVE-2022-43619 was published Mar 29, 2023
Mishandling of format strings in ncurses High
CVE-2019-15547 was published for ncurses (Rust) Aug 25, 2021
Mishandling of format strings in rusqlite Critical
CVE-2020-35869 was published for rusqlite (Rust) Aug 25, 2021
Crash in the USB HID protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via... High Unreviewed
CVE-2022-3724 was published Dec 9, 2022
Use of Externally-Controlled Format String in consoleme Critical
CVE-2022-27177 was published for consoleme (pip) Apr 3, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
gtk2 vulnerable to Use of Externally-Controlled Format String Moderate
CVE-2007-6183 was published for gtk2 (RubyGems) Oct 24, 2017
yajl-ruby gem Denial of Service vulnerability High
CVE-2017-16516 was published for yajl-ruby (RubyGems) Nov 28, 2017
tdunlap607
actionmailer email address processing causes Denial of service Moderate
CVE-2013-4389 was published for actionmailer (RubyGems) Oct 24, 2017
A vulnerability regarding use of externally-controlled format string is found in the cgi... Critical Unreviewed
CVE-2023-5746 was published Oct 25, 2023
A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519... High Unreviewed
CVE-2023-4746 was published Sep 4, 2023
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4,... High Unreviewed
CVE-2023-36639 was published Dec 13, 2023
A format string issue in the Controller 6000's optional diagnostic web interface can be used... High Unreviewed
CVE-2023-24590 was published Dec 19, 2023
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7... Critical Unreviewed
CVE-2024-23113 was published Feb 15, 2024
A format string vulnerability in Zyxel ATP series firmware versions from 4.32 through 5.37 Patch... Moderate Unreviewed
CVE-2023-6399 was published Feb 20, 2024
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP... High Unreviewed
CVE-2023-6764 was published Feb 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database