Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

346 advisories

Loading
A format string vulnerability exists in the formPingCmd functionality of Planet WGR-500 v1... High Unreviewed
CVE-2025-48826 was published Oct 7, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2025-52429 was published Oct 3, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2025-53406 was published Oct 3, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2025-53407 was published Oct 3, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Moderate Unreviewed
CVE-2025-48730 was published Oct 3, 2025
IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute... High Unreviewed
CVE-2025-36202 was published Sep 22, 2025
ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution High
CVE-2025-55298 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
leehohojune hanbunny
jin-156 amethyst0225
Credited to leehohojune, hanbunny, jin-156, and amethyst0225
Solar FTP Server fails to properly handle format strings passed to the USER command. When a... High Unreviewed
CVE-2011-10029 was published Aug 20, 2025
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of... Critical Unreviewed
CVE-2012-10055 was published Aug 13, 2025
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows... Critical Unreviewed
CVE-2025-40600 was published Jul 30, 2025
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139... High Unreviewed
CVE-2025-46123 was published Jul 21, 2025
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139... High Unreviewed
CVE-2025-46121 was published Jul 21, 2025
A use of externally-controlled format string vulnerability has been reported to affect Qsync... Low Unreviewed
CVE-2025-22482 was published Jun 6, 2025
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS version 7.4.0... High Unreviewed
CVE-2024-45324 was published Mar 11, 2025
An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for... Moderate Unreviewed
CVE-2024-55156 was published Feb 21, 2025
A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiOS version... Moderate Unreviewed
CVE-2023-40721 was published Feb 11, 2025
ASTEVAL Allows Maliciously Crafted Format Strings to Lead to Sandbox Escape High
CVE-2025-24359 was published for asteval (pip) Jan 24, 2025
SteakEnthusiast
Credited to SteakEnthusiast
A post-authentication format string vulnerability in SonicOS management allows a remote attacker... Critical Unreviewed
CVE-2024-12805 was published Jan 9, 2025
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50402 was published Dec 6, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50403 was published Dec 6, 2024
The HttpRequest object allows to get the HTTP headers from the server's response after sending... Critical Unreviewed
CVE-2024-42330 was published Nov 27, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... High Unreviewed
CVE-2024-50396 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50398 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50400 was published Nov 22, 2024
A use of externally-controlled format string vulnerability has been reported to affect several... Low Unreviewed
CVE-2024-50401 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database