Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11025 was published May 14, 2022
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to... Critical Unreviewed
CVE-2017-14591 was published May 17, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1779 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1795 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1780 was published May 24, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a... Moderate Unreviewed
CVE-2019-5804 was published May 24, 2022
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all... High Unreviewed
CVE-2019-11582 was published May 24, 2022
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows... High Unreviewed
CVE-2019-13475 was published May 24, 2022
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4... High Unreviewed
CVE-2019-12264 was published May 24, 2022
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users... High Unreviewed
CVE-2019-15498 was published May 24, 2022
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to... High Unreviewed
CVE-2019-15541 was published May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument... Critical Unreviewed
CVE-2019-12147 was published May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an... Critical Unreviewed
CVE-2019-12148 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5013 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5012 was published May 24, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for... Moderate Unreviewed
CVE-2020-6799 was published May 24, 2022
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2020-12641 was published May 24, 2022
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check... High Unreviewed
CVE-2020-7808 was published May 24, 2022
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the... High Unreviewed
CVE-2020-14421 was published May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed
CVE-2020-17367 was published May 24, 2022
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,... High Unreviewed
CVE-2020-5792 was published May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Moderate Unreviewed
CVE-2020-5657 was published May 24, 2022
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an... High Unreviewed
CVE-2020-27129 was published May 24, 2022
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. Critical Unreviewed
CVE-2020-28367 was published May 24, 2022
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via... Critical Unreviewed
CVE-2020-25494 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API