Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,334
Maven
5,000+
npm
3,967
NuGet
713
pip
3,763
Pub
12
RubyGems
923
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

334 advisories

Loading
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a... Moderate Unreviewed
CVE-2006-1840 was published May 1, 2022
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88... High Unreviewed
CVE-2006-1615 was published May 1, 2022
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6... Moderate Unreviewed
CVE-2006-1471 was published May 1, 2022
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and... Moderate Unreviewed
CVE-2006-0771 was published May 1, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)... Moderate Unreviewed
CVE-2006-0705 was published May 1, 2022
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0... High Unreviewed
CVE-2006-0200 was published May 1, 2022
Multiple format string vulnerabilities in the auth_ldap_log_reason function in Apache auth_ldap 1... High Unreviewed
CVE-2006-0150 was published May 1, 2022
Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9... High Unreviewed
CVE-2005-3154 was published May 1, 2022
Format string vulnerability in ArcGIS for ESRI ArcInfo Workstation 9.0 allows local users to gain... High Unreviewed
CVE-2005-1394 was published May 1, 2022
Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote... High Unreviewed
CVE-2005-1122 was published May 1, 2022
Format string vulnerability in the administration function in Cisco Secure Access Control Server ... High Unreviewed
CVE-2002-0159 was published Apr 30, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown... Moderate Unreviewed
CVE-2004-2714 was published Apr 29, 2022
Format string vulnerability in the LogMsg function in sercd before 2.3.1 and sredird 2.2.1 and... High Unreviewed
CVE-2004-2386 was published Apr 29, 2022
Format string vulnerability in log.c in rssh before 2.2.2 allows remote authenticated users to... High Unreviewed
CVE-2004-1628 was published Apr 29, 2022
Format string vulnerability in the auth_debug function in Courier-IMAP 1.6.0 through 2.2.1 and 3... High Unreviewed
CVE-2004-0777 was published Apr 29, 2022
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life... Moderate Unreviewed
CVE-2003-1381 was published Apr 29, 2022
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of... High Unreviewed
CVE-2003-0738 was published Apr 29, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker... Critical Unreviewed
CVE-2022-26674 was published Apr 23, 2022
Use of Externally-Controlled Format String in consoleme Critical
CVE-2022-27177 was published for consoleme (pip) Apr 3, 2022
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5... Critical Unreviewed
CVE-2021-42911 was published Mar 30, 2022
Use of Externally-Controlled Format String in wire-avs High
CVE-2021-41193 was published for com.wire:avs (Maven) Mar 1, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2022-24051 was published Feb 19, 2022
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP... High Unreviewed
CVE-2021-43041 was published Dec 7, 2021
Remote Code Execution in Apache Dubbo Critical
CVE-2021-36161 was published for org.apache.dubbo:dubbo (Maven) Sep 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database