Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

174 advisories

Loading
DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability, with a... High Unreviewed
CVE-2024-31837 was published Apr 30, 2024
A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4... High Unreviewed
CVE-2024-45330 was published Oct 8, 2024
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE)... High Unreviewed
CVE-2024-39529 was published Jul 11, 2024
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2... High Unreviewed
CVE-2019-1579 was published May 24, 2022
Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS... High Unreviewed
CVE-2018-0175 was published May 13, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain... High Unreviewed
CVE-2005-1394 was published May 1, 2022
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-6145 was published Jun 19, 2024
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for... High Unreviewed
CVE-2022-26941 was published Oct 19, 2023
ASUS router RT-AX88U has a vulnerability of using externally controllable format strings within... High Unreviewed
CVE-2023-41349 was published Sep 18, 2023
A format string vulnerability in the Zyxel ATP series firmware versions 5.10 through 5.36 Patch 2... High Unreviewed
CVE-2023-33011 was published Jul 17, 2023
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4,... High Unreviewed
CVE-2022-43953 was published Jun 13, 2023
Use of externally-controlled format string vulnerability in mPOS TUI trustlet prior to SMR May... High Unreviewed
CVE-2023-21497 was published May 4, 2023
A valid, authenticated user may be able to trigger a denial of service of the XCC web user... High Unreviewed
CVE-2023-25492 was published May 1, 2023
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). High Unreviewed
CVE-2016-10773 was published May 24, 2022
Format string vulnerability in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows... High Unreviewed
CVE-2018-14713 was published May 24, 2022
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core... High Unreviewed
CVE-2014-6262 was published May 17, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This... High Unreviewed
CVE-2023-35086 was published Jul 21, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API.... High Unreviewed
CVE-2023-39240 was published Sep 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This... High Unreviewed
CVE-2023-39239 was published Sep 7, 2023
It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused... High Unreviewed
CVE-2023-39238 was published Sep 7, 2023
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0... High Unreviewed
CVE-2023-29181 was published Feb 22, 2024
A format string vulnerability in a function of the IPSec VPN feature in Zyxel ATP... High Unreviewed
CVE-2023-6764 was published Feb 20, 2024
A format string issue in the Controller 6000's optional diagnostic web interface can be used... High Unreviewed
CVE-2023-24590 was published Dec 19, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database