GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
Filter by severity
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode...
Critical
Unreviewed
CVE-2022-35876
was published
Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode...
High
Unreviewed
CVE-2022-35881
was published
Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect...
High
Unreviewed
CVE-2022-35887
was published
Oct 25, 2022
A format string injection vulnerability exists in the ghome_process_control_packet functionality...
Critical
Unreviewed
CVE-2022-33938
was published
Oct 25, 2022
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode...
Critical
Unreviewed
CVE-2022-35244
was published
Oct 25, 2022
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)...
Moderate
Unreviewed
CVE-2022-26392
was published
Sep 10, 2022
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An...
High
Unreviewed
CVE-2022-26393
was published
Sep 10, 2022
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could...
Critical
Unreviewed
CVE-2022-34747
was published
Sep 7, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated...
Moderate
Unreviewed
CVE-2021-3442
was published
Aug 23, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0...
High
Unreviewed
CVE-2022-22299
was published
Aug 6, 2022
Depending on the way the format strings in the card label are crafted it's possible to leak...
Moderate
Unreviewed
CVE-2022-2652
was published
Aug 5, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings....
High
Unreviewed
CVE-2022-31753
was published
Jun 14, 2022
A format string vulnerability was found in libinput
High
Unreviewed
CVE-2022-1215
was published
Jun 3, 2022
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba...
Moderate
Unreviewed
CVE-2021-37735
was published
May 24, 2022
Assuming radio permission is gained, missing input validation in modem interface driver prior to...
Moderate
Unreviewed
CVE-2021-25489
was published
May 24, 2022
A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW...
Moderate
Unreviewed
CVE-2021-28846
was published
May 24, 2022
** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code...
High
Unreviewed
CVE-2021-35331
was published
May 24, 2022
In Weidmueller Industrial WLAN devices in multiple versions an exploitable format string...
High
Unreviewed
CVE-2021-33535
was published
May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is...
High
Unreviewed
CVE-2021-29740
was published
May 24, 2022
A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to...
High
Unreviewed
CVE-2021-30145
was published
May 24, 2022
In the standard library in Rust before 1.50.3, there is an optimization for joining strings that...
High
Unreviewed
CVE-2020-36323
was published
May 24, 2022
Format string vulnerability in panoFileOutputNamesCreate() in libpano13 2.9.20~rc2+dfsg-3 and...
Critical
Unreviewed
CVE-2021-20307
was published
May 24, 2022
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote...
High
Unreviewed
CVE-2020-29018
was published
May 24, 2022
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N...
High
Unreviewed
CVE-2020-27524
was published
May 24, 2022
Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash)...
Critical
Unreviewed
CVE-2020-27853
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API