Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
Format string vulnerability in the grant helper (polkit-grant-helper.c) in PolicyKit 0.7 and... Moderate Unreviewed
CVE-2008-1658 was published May 1, 2022
Format string vulnerability in Asterisk Open Source 1.6.x before 1.6.0-beta6 might allow remote... Moderate Unreviewed
CVE-2008-1333 was published May 1, 2022
Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote... Moderate Unreviewed
CVE-2008-1127 was published May 1, 2022
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to... Moderate Unreviewed
CVE-2008-0989 was published May 1, 2022
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in... Moderate Unreviewed
CVE-2008-0072 was published May 1, 2022
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows... Moderate Unreviewed
CVE-2008-1705 was published May 1, 2022
The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity... Moderate Unreviewed
CVE-2007-6625 was published May 1, 2022
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted... Moderate Unreviewed
CVE-2007-4550 was published May 1, 2022
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7... Moderate Unreviewed
CVE-2007-5396 was published May 1, 2022
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary... Moderate Unreviewed
CVE-2007-4273 was published May 1, 2022
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext... Moderate Unreviewed
CVE-2007-2027 was published May 1, 2022
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access... Moderate Unreviewed
CVE-2007-0017 was published May 1, 2022
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause... Moderate Unreviewed
CVE-2006-6751 was published May 1, 2022
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows... Moderate Unreviewed
CVE-2007-0051 was published May 1, 2022
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April... Moderate Unreviewed
CVE-2006-3469 was published May 1, 2022
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of... Moderate Unreviewed
CVE-2006-2480 was published May 1, 2022
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN... Moderate Unreviewed
CVE-2006-2409 was published May 1, 2022
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a... Moderate Unreviewed
CVE-2006-1840 was published May 1, 2022
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6... Moderate Unreviewed
CVE-2006-1471 was published May 1, 2022
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and... Moderate Unreviewed
CVE-2006-0771 was published May 1, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)... Moderate Unreviewed
CVE-2006-0705 was published May 1, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown... Moderate Unreviewed
CVE-2004-2714 was published Apr 29, 2022
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba... Moderate Unreviewed
CVE-2021-37735 was published May 24, 2022
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life... Moderate Unreviewed
CVE-2003-1381 was published Apr 29, 2022
Depending on the way the format strings in the card label are crafted it's possible to leak... Moderate Unreviewed
CVE-2022-2652 was published Aug 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database