Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

324 advisories

Loading
TiDB vulnerable to Use of Externally-Controlled Format String Critical
CVE-2022-3023 was published for github.com/pingcap/tidb (Go) Nov 4, 2022
dwisiswant0
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35885 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35874 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35875 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35881 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35880 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35876 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35879 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-35877 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode... High Unreviewed
CVE-2022-35878 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35886 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35887 was published Oct 25, 2022
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect... High Unreviewed
CVE-2022-35884 was published Oct 25, 2022
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode... Critical Unreviewed
CVE-2022-35244 was published Oct 25, 2022
A format string injection vulnerability exists in the ghome_process_control_packet functionality... Critical Unreviewed
CVE-2022-33938 was published Oct 25, 2022
Apache Airflow vulnerable to Use of Externally-Controlled Format String High
CVE-2022-40604 was published for apache-airflow (pip) Sep 22, 2022
sunSUNQ
The Baxter Spectrum WBM is susceptible to format string attacks via application messaging. An... High Unreviewed
CVE-2022-26393 was published Sep 10, 2022
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32)... Moderate Unreviewed
CVE-2022-26392 was published Sep 10, 2022
A format string vulnerability in Zyxel NAS326 firmware versions prior to V5.21(AAZF.12)C0 could... Critical Unreviewed
CVE-2022-34747 was published Sep 7, 2022
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated... Moderate Unreviewed
CVE-2021-3442 was published Aug 23, 2022
A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0... High Unreviewed
CVE-2022-22299 was published Aug 6, 2022
Depending on the way the format strings in the card label are crafted it's possible to leak... Moderate Unreviewed
CVE-2022-2652 was published Aug 5, 2022
The voice wakeup module has a vulnerability of using externally-controlled format strings.... High Unreviewed
CVE-2022-31753 was published Jun 14, 2022
A format string vulnerability was found in libinput High Unreviewed
CVE-2022-1215 was published Jun 3, 2022
A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba... Moderate Unreviewed
CVE-2021-37735 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database