GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,141
Erlang
30
GitHub Actions
19
Go
1,942
Maven
5,000+
npm
3,684
NuGet
650
pip
3,303
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
317 advisories
Filter by severity
The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2003-0738
was published
Apr 29, 2022
ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker...
Critical
Unreviewed
CVE-2022-26674
was published
Apr 23, 2022
Use of Externally-Controlled Format String in consoleme
Critical
CVE-2022-27177
was published
for
consoleme
(pip)
Apr 3, 2022
A Format String vulnerability exists in DrayTek Vigor 2960 <= 1.5.1.3, DrayTek Vigor 3900 <= 1.5...
Critical
Unreviewed
CVE-2021-42911
was published
Mar 30, 2022
Use of Externally-Controlled Format String in wire-avs
High
CVE-2021-41193
was published
for
com.wire:avs
(Maven)
Mar 1, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of...
High
Unreviewed
CVE-2022-24051
was published
Feb 19, 2022
An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A crafted HTTP...
High
Unreviewed
CVE-2021-43041
was published
Dec 7, 2021
Remote Code Execution in Apache Dubbo
Critical
CVE-2021-36161
was published
for
org.apache.dubbo:dubbo
(Maven)
Sep 10, 2021
Mishandling of format strings in ncurses
High
CVE-2019-15547
was published
for
ncurses
(Rust)
Aug 25, 2021
Format string vulnerabilities in pancurses
High
CVE-2019-15546
was published
for
pancurses
(Rust)
Aug 25, 2021
Mishandling of format strings in rusqlite
Critical
CVE-2020-35869
was published
for
rusqlite
(Rust)
Aug 25, 2021
yajl-ruby gem Denial of Service vulnerability
High
CVE-2017-16516
was published
for
yajl-ruby
(RubyGems)
Nov 28, 2017
gtk2 vulnerable to Use of Externally-Controlled Format String
Moderate
CVE-2007-6183
was published
for
gtk2
(RubyGems)
Oct 24, 2017
actionmailer email address processing causes Denial of service
Moderate
CVE-2013-4389
was published
for
actionmailer
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API