Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

185 advisories

Loading
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed
CVE-2021-43041 was published Dec 7, 2021
Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local... High Unreviewed
CVE-2012-0809 was published May 14, 2022
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record... High Unreviewed
CVE-2012-2369 was published May 14, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed
CVE-2019-7230 was published May 24, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed
CVE-2019-7228 was published May 24, 2022
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7... High Unreviewed
CVE-2010-1550 was published May 14, 2022
Format string vulnerability in BMC PATROL Agent before 3.7.30 allows remote attackers to execute... High Unreviewed
CVE-2008-5982 was published May 14, 2022
Format string vulnerability in the Epic Games Unreal engine client, as used in multiple games,... High Unreviewed
CVE-2008-6441 was published May 14, 2022
Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple... High Unreviewed
CVE-2013-5135 was published May 14, 2022
Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute... High Unreviewed
CVE-2012-0646 was published May 14, 2022
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash.... High Unreviewed
CVE-2017-15191 was published May 14, 2022
H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a... High Unreviewed
CVE-2016-4864 was published May 14, 2022
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of... High Unreviewed
CVE-2018-5207 was published May 14, 2022
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. High Unreviewed
CVE-2018-5205 was published May 14, 2022
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5... High Unreviewed
CVE-2019-7715 was published May 14, 2022
The console in Puppet Enterprise 2015.x and 2016.x prior to 2016.4.0 includes unsafe string reads... High Unreviewed
CVE-2016-5716 was published May 14, 2022
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing... High Unreviewed
CVE-2018-17336 was published May 14, 2022
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... High Unreviewed
CVE-2018-8778 was published May 13, 2022
The Bluetooth stack on the BMW 330i 2011 allows a remote crash of the CD/Multimedia software via ... High Unreviewed
CVE-2017-9212 was published May 13, 2022
An Externally Controlled Format String issue was discovered in Advantech WebAccess versions prior... High Unreviewed
CVE-2017-12702 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-16602 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1566 was published May 13, 2022
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information... High Unreviewed
CVE-2018-6875 was published May 13, 2022
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format... High Unreviewed
CVE-2018-12590 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database