Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

329 advisories

Loading
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape High
CVE-2025-24359 was published for asteval (pip) Jan 24, 2025
SteakEnthusiast
A post-authentication format string vulnerability in SonicOS management allows a remote attacker... Critical Unreviewed
CVE-2024-12805 was published Jan 9, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50403 was published Dec 6, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50402 was published Dec 6, 2024
The HttpRequest object allows to get the HTTP headers from the server's response after sending... Critical Unreviewed
CVE-2024-42330 was published Nov 27, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50401 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... High Unreviewed
CVE-2024-50396 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... High Unreviewed
CVE-2024-50397 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50398 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50399 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50400 was published Nov 22, 2024
In versions of Zend Server 8.5 and prior to version 9.2 a format string injection was discovered.... Critical Unreviewed
CVE-2024-9129 was published Oct 22, 2024
A use of externally-controlled format string in Fortinet FortiAnalyzer versions 7.4.0 through 7.4... High Unreviewed
CVE-2024-45330 was published Oct 8, 2024
A Use of Externally-Controlled Format String vulnerability in the Packet Forwarding Engine (PFE)... High Unreviewed
CVE-2024-39529 was published Jul 11, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable... Moderate Unreviewed
CVE-2024-4641 was published Jun 25, 2024
Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-6145 was published Jun 19, 2024
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv:... Critical Unreviewed
CVE-2024-35845 was published May 17, 2024
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4,... Moderate Unreviewed
CVE-2023-36640 was published May 14, 2024
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5,... Moderate Unreviewed
CVE-2023-45583 was published May 14, 2024
Foxit PDF Reader print Method Use of Externally-Controlled Format String Information Disclosure... Low Unreviewed
CVE-2021-34970 was published May 8, 2024
Use of Externally-Controlled Format String vulnerability in Merge DICOM Toolkit C/C++ on Windows.... Moderate Unreviewed
CVE-2024-23914 was published May 3, 2024
DMitry (Deepmagic Information Gathering Tool) 1.3a has a format-string vulnerability, with a... High Unreviewed
CVE-2024-31837 was published Apr 30, 2024
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.1 and... Moderate Unreviewed
CVE-2023-48784 was published Apr 9, 2024
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager... Moderate Unreviewed
CVE-2023-41842 was published Mar 12, 2024
A use of externally-controlled format string in Fortinet FortiOS 7.2.0 through 7.2.4, 7.0.0... High Unreviewed
CVE-2023-29181 was published Feb 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database