Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+

91 advisories

Loading
actionmailer email address processing causes Denial of service Moderate
CVE-2013-4389 was published for actionmailer (RubyGems) Oct 24, 2017
gtk2 vulnerable to Use of Externally-Controlled Format String Moderate
CVE-2007-6183 was published for gtk2 (RubyGems) Oct 24, 2017
Plone Sandbox Escape Moderate
CVE-2017-5524 was published for Plone (pip) Jul 12, 2018
Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life... Moderate Unreviewed
CVE-2003-1381 was published Apr 29, 2022
Unspecified vulnerability in Window Maker 0.80.2 and earlier allows attackers to perform unknown... Moderate Unreviewed
CVE-2004-2714 was published Apr 29, 2022
Format string vulnerability in a logging function as used by various SFTP servers, including (1)... Moderate Unreviewed
CVE-2006-0705 was published May 1, 2022
Apache log4net format string vulnerability causes DoS Moderate
CVE-2006-0743 was published for log4net (NuGet) May 1, 2022
Format string vulnerability in PunkBuster 1.180 and earlier, as used by Soldier of Fortune II and... Moderate Unreviewed
CVE-2006-0771 was published May 1, 2022
Format string vulnerability in the CF_syslog function launchd in Apple Mac OS X 10.4 up to 10.4.6... Moderate Unreviewed
CVE-2006-1471 was published May 1, 2022
Multiple format string vulnerabilities in Empire Server before 4.3.1 allow attackers to cause a... Moderate Unreviewed
CVE-2006-1840 was published May 1, 2022
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN... Moderate Unreviewed
CVE-2006-2409 was published May 1, 2022
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of... Moderate Unreviewed
CVE-2006-2480 was published May 1, 2022
Format string vulnerability in time.cc in MySQL Server 4.1 before 4.1.21 and 5.0 before 1 April... Moderate Unreviewed
CVE-2006-3469 was published May 1, 2022
Format string vulnerability in XM Easy Personal FTP Server 5.2.1 allows remote attackers to cause... Moderate Unreviewed
CVE-2006-6751 was published May 1, 2022
Multiple format string vulnerabilities in (1) the cdio_log_handler function in modules/access... Moderate Unreviewed
CVE-2007-0017 was published May 1, 2022
Format string vulnerability in Apple iPhoto 6.0.5 (316), and other versions before 6.0.6, allows... Moderate Unreviewed
CVE-2007-0051 was published May 1, 2022
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext... Moderate Unreviewed
CVE-2007-2027 was published May 1, 2022
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary... Moderate Unreviewed
CVE-2007-4273 was published May 1, 2022
Format string vulnerability in ALPass 2.7 English and 3.02 Korean might allow user-assisted... Moderate Unreviewed
CVE-2007-4550 was published May 1, 2022
Format string vulnerability in the ext_yahoo_contact_added function in yahoo.c in Miranda IM 0.7... Moderate Unreviewed
CVE-2007-5396 was published May 1, 2022
The Platform Service Process (asampsp) in Fan-Out Driver Platform Services for Novell Identity... Moderate Unreviewed
CVE-2007-6625 was published May 1, 2022
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in... Moderate Unreviewed
CVE-2008-0072 was published May 1, 2022
Format string vulnerability in mDNSResponderHelper in Apple Mac OS X 10.5.2 allows local users to... Moderate Unreviewed
CVE-2008-0989 was published May 1, 2022
Format string vulnerability in the cryactio function in Crysis 1.1.1.5879 allows remote... Moderate Unreviewed
CVE-2008-1127 was published May 1, 2022
Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when... Moderate Unreviewed
CVE-2008-1206 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database