Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,239
Maven
5,000+
npm
3,900
NuGet
701
pip
3,667
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

178 advisories

Loading
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35878 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35884 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35886 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35887 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35880 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35879 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35881 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35885 was published Oct 25, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed
CVE-2022-31753 was published Jun 14, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code... High Unreviewed
CVE-2021-35331 was published May 24, 2022
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string... High Unreviewed
CVE-2021-33535 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is... High Unreviewed
CVE-2021-29740 was published May 24, 2022
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to... High Unreviewed
CVE-2021-30145 was published May 24, 2022
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that... High Unreviewed
CVE-2020-36323 was published May 24, 2022
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote... High Unreviewed
CVE-2020-29018 was published May 24, 2022
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N... High Unreviewed
CVE-2020-27524 was published May 24, 2022
AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited... High Unreviewed
CVE-2020-13160 was published May 24, 2022
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could... High Unreviewed
CVE-2020-3118 was published May 24, 2022
cPanel before 60.0.25 allows format-string injection in exception-message handling (SEC-171). High Unreviewed
CVE-2016-10773 was published May 24, 2022
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier, and PAN-OS 8.1.2... High Unreviewed
CVE-2019-1579 was published May 24, 2022
The ABB IDAL HTTP server mishandles format strings in a username or cookie during the... High Unreviewed
CVE-2019-7228 was published May 24, 2022
The ABB IDAL FTP server mishandles format strings in a username during the authentication process... High Unreviewed
CVE-2019-7230 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database