Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Loading
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered.... Critical Unreviewed
CVE-2024-9129 was published Oct 22, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv:... Critical Unreviewed
CVE-2024-35845 was published May 17, 2024
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This... Critical Unreviewed
CVE-2023-35087 was published Jul 21, 2023
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can... Critical Unreviewed
CVE-2023-2186 was published Jun 7, 2023
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an... Critical Unreviewed
CVE-2019-12297 was published May 24, 2022
A vulnerability, which was classified as critical, was found in ayttm up to 0.5.0.89. This... Critical Unreviewed
CVE-2015-10088 was published Mar 5, 2023
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7... Critical Unreviewed
CVE-2024-23113 was published Feb 15, 2024
A vulnerability regarding use of externally-controlled format string is found in the cgi... Critical Unreviewed
CVE-2023-5746 was published Oct 25, 2023
In BIG-IP starting in versions 17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, and 13.1.5 on their... Critical Unreviewed
CVE-2023-22374 was published Feb 1, 2023
Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact... Critical Unreviewed
CVE-2016-4448 was published May 13, 2022
Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP... Critical Unreviewed
CVE-2015-8617 was published May 17, 2022
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data... Critical Unreviewed
CVE-2018-5704 was published May 14, 2022
The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an... Critical Unreviewed
CVE-2018-6317 was published May 14, 2022
** DISPUTED ** A cross-protocol scripting issue was discovered in the management interface in... Critical Unreviewed
CVE-2018-7544 was published May 14, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed
CVE-2019-6840 was published May 24, 2022
Ruby before 2.4.2, 2.3.5, and 2.2.8 is vulnerable to a malicious format string which contains a... Critical Unreviewed
CVE-2017-0898 was published May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized... Critical Unreviewed
CVE-2018-1352 was published May 14, 2022
In ncurses 6.0, there is a format string vulnerability in the fmt_entry function. A crafted input... Critical Unreviewed
CVE-2017-10685 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-16608 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17407 was published May 13, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35876 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35875 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35877 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35874 was published Oct 25, 2022
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed
CVE-2022-35244 was published Oct 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database