Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

189 advisories

Loading
Command injection in Rancher Git package Moderate
CVE-2022-43758 was published for github.com/rancher/rancher (Go) Jan 25, 2023
cokeBeer snoopysecurity
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Weblate High
CVE-2022-23915 was published for Weblate (pip) Mar 4, 2022
dellalibera
A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed
CVE-2022-44731 was published Dec 13, 2022
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to... Critical Unreviewed
CVE-2017-14591 was published May 17, 2022
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was... High Unreviewed
CVE-2022-23740 was published Nov 23, 2022
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11025 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11023 was published May 14, 2022
kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD... High Unreviewed
CVE-2018-11021 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11019 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11024 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11022 was published May 14, 2022
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire... Moderate Unreviewed
CVE-2018-11020 was published May 14, 2022
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will... High Unreviewed
CVE-2016-1000222 was published May 14, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a... Moderate Unreviewed
CVE-2019-5804 was published May 24, 2022
There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial... Critical Unreviewed
CVE-2018-13385 was published May 13, 2022
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2... High Unreviewed
CVE-2018-20234 was published May 13, 2022
mIRC before 7.55 allows remote command execution by using argument injection through custom URI... High Unreviewed
CVE-2019-6453 was published May 13, 2022
A tampering vulnerability exists when Microsoft browsers do not properly validate input under... Moderate Unreviewed
CVE-2019-0764 was published May 13, 2022
Arbitrary command execution on Windows via qutebrowserurl: URL handler High
CVE-2021-41146 was published for qutebrowser (pip) Oct 22, 2021
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x... Critical Unreviewed
CVE-2018-17456 was published May 13, 2022
Header injection possible in Django Moderate
CVE-2021-32052 was published for Django (pip) Jun 9, 2021
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program... Critical Unreviewed
CVE-2018-10992 was published May 13, 2022
There was an argument injection vulnerability in Sourcetree for Windows via filenames in... High Unreviewed
CVE-2018-13386 was published May 13, 2022
Command injection in nodemailer Critical
CVE-2020-7769 was published for nodemailer (npm) May 10, 2021
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could... High Unreviewed
CVE-2018-0345 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API