Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,070
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,628
NuGet
638
pip
3,240
Pub
10
RubyGems
858
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

96 advisories

Loading
Some implementations of rlogin allow root access if given a -froot parameter. High Unreviewed
CVE-1999-0113 was published Apr 30, 2022
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0,... High Unreviewed
CVE-2001-0667 was published Apr 30, 2022
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier... High Unreviewed
CVE-2004-0489 was published Apr 29, 2022
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to... High Unreviewed
CVE-2004-0480 was published Apr 29, 2022
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter... High Unreviewed
CVE-2004-0121 was published Apr 29, 2022
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters... High Unreviewed
CVE-2004-0411 was published Apr 29, 2022
Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or... High Unreviewed
CVE-2006-3015 was published May 1, 2022
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary... High Unreviewed
CVE-2006-1865 was published May 1, 2022
A remote, unauthenticated attacker may be able to send crafted messages to the web server of the... High Unreviewed
CVE-2024-22182 was published Mar 1, 2024
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all... High Unreviewed
CVE-2019-11582 was published May 24, 2022
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows... High Unreviewed
CVE-2019-13475 was published May 24, 2022
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users... High Unreviewed
CVE-2019-15498 was published May 24, 2022
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to... High Unreviewed
CVE-2019-15541 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5013 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5012 was published May 24, 2022
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local... High Unreviewed
CVE-2023-0633 was published Sep 25, 2023
A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-3684 was published Apr 19, 2024
Dolibarr authenticated Remote Code Execution High
CVE-2020-35136 was published for dolibarr/dolibarr (Composer) May 24, 2022
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-50232 was published May 3, 2024
Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-44452 was published May 3, 2024
Gogs allows argument injection during the tagging of a new release High
CVE-2024-39933 was published for github.com/gogs/gogs (Go) Jul 4, 2024
ProTip! Advisories are also available from the GraphQL API