GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,787
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,016
Maven 5,202
npm 3,721
NuGet 662
pip 3,400
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,212

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

150 advisories

Filter by severity

Sort by

Least recently updated

An argument injection vulnerability has been identified in the administrative web interface of... Critical Unreviewed

CVE-2023-6269 was published Dec 5, 2023

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local... High Unreviewed

CVE-2023-0633 was published Sep 25, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6... Moderate Unreviewed

CVE-2023-39288 was published Aug 26, 2023

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24... Moderate Unreviewed

CVE-2023-39287 was published Aug 26, 2023

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation... High Unreviewed

CVE-2023-20224 was published Aug 17, 2023

There is a command injection problem in the old version of the mobile phone backup app. Critical Unreviewed

CVE-2023-26310 was published Aug 9, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command... Critical Unreviewed

CVE-2023-33376 was published Aug 4, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message... Critical Unreviewed

CVE-2023-33378 was published Aug 4, 2023

The go command may execute arbitrary code at build time when using cgo. This may occur when... Critical Unreviewed

CVE-2023-29405 was published Jun 8, 2023

An issue discovered in mccms 2.6.1 allows remote attackers to cause a denial of service via... Moderate Unreviewed

CVE-2023-26782 was published Apr 28, 2023

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root... Moderate Unreviewed

CVE-2022-37705 was published Apr 16, 2023

CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument... High Unreviewed

CVE-2023-25356 was published Apr 4, 2023

A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet... High Unreviewed

CVE-2022-40677 was published Feb 16, 2023

AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php Critical Unreviewed

CVE-2022-47926 was published Dec 22, 2022

A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed

CVE-2022-44731 was published Dec 13, 2022

CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was... High Unreviewed

CVE-2022-23740 was published Nov 23, 2022

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection... Critical Unreviewed

CVE-2022-45062 was published Nov 9, 2022

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... Moderate Unreviewed

CVE-2022-3140 was published Oct 12, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2022-20930 was published Oct 1, 2022

An Argument Injection or Modification vulnerability in the "Change Secret" username field as used... Critical Unreviewed

CVE-2022-1399 was published Aug 18, 2022

The Settings application has an argument injection vulnerability. Successful exploitation of this... High Unreviewed

CVE-2022-37005 was published Aug 11, 2022

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible High Unreviewed

CVE-2022-36322 was published Jul 21, 2022

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment... Moderate Unreviewed

CVE-2022-31246 was published Jun 18, 2022

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Critical Unreviewed

CVE-2020-5648 was published May 24, 2022

Within the function HandleFileArg the argument filepattern is under control of the user who... High Unreviewed

CVE-2021-21814 was published May 24, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

150 advisories