Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

318 advisories

Loading
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... High Unreviewed
CVE-2018-8778 was published May 13, 2022
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing... High Unreviewed
CVE-2018-17336 was published May 14, 2022
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads... High Unreviewed
CVE-2016-5716 was published May 14, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7715 was published May 14, 2022
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. High Unreviewed
CVE-2018-5205 was published May 14, 2022
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of... High Unreviewed
CVE-2018-5207 was published May 14, 2022
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a... High Unreviewed
CVE-2016-4864 was published May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed
CVE-2018-1352 was published May 14, 2022
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.... High Unreviewed
CVE-2017-15191 was published May 14, 2022
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute... High Unreviewed
CVE-2012-0646 was published May 14, 2022
Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple... High Unreviewed
CVE-2013-5135 was published May 14, 2022
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC... Moderate Unreviewed
CVE-2013-3560 was published May 14, 2022
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in... Moderate Unreviewed
CVE-2008-5660 was published May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed
CVE-2008-6441 was published May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed
CVE-2008-5982 was published May 14, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed
CVE-2010-1550 was published May 14, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed
CVE-2017-0898 was published May 14, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed
CVE-2019-6840 was published May 24, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed
CVE-2019-7228 was published May 24, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed
CVE-2019-7230 was published May 24, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed
CVE-2022-26392 was published Sep 10, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed
CVE-2018-7544 was published May 14, 2022
Huawei VP9660 V500R002C10 has a uncontrolled format string vulnerability when the license module... Moderate Unreviewed
CVE-2017-17132 was published May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed
CVE-2018-6317 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database