GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
189 advisories
A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an... [High, Unreviewed] CVE-2019-1611 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [High, Unreviewed] CVE-2019-1609 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [High, Unreviewed] CVE-2019-1608 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [Moderate, Unreviewed] CVE-2019-1613 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [High, Unreviewed] CVE-2019-1610 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [High, Unreviewed] CVE-2019-1606 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... [High, Unreviewed] CVE-2019-1607 was published May 13, 2022
Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by... [Critical, Unreviewed] CVE-2019-3463 was published May 13, 2022
University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other... [High, Unreviewed] CVE-2018-19518 was published May 13, 2022
Argument Injection in Apache Geode server [Moderate] CVE-2017-15694 was published for org.apache.geode:geode-core (Maven) Jun 26, 2019
An argument injection vulnerability in the browser-based authentication component of the... [High, Unreviewed] CVE-2022-30240 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... [High, Unreviewed] CVE-2022-30239 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... [High, Unreviewed] CVE-2022-29971 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... [High, Unreviewed] CVE-2022-29972 was published May 10, 2022
OS Command Injection in git-promise [High] CVE-2022-24376 was published for git-promise (npm) Jun 11, 2022
Command injection in git-interface [Critical] CVE-2022-1440 was published for git-interface (npm) Apr 23, 2022
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware... [High, Unreviewed] CVE-2020-35576 was published May 24, 2022
An Argument Injection or Modification vulnerability in the "Change Secret" username field as used... [Critical, Unreviewed] CVE-2022-1399 was published Aug 18, 2022
Within the function HandleFileArg the argument filepattern is under control of the user who... [High, Unreviewed] CVE-2021-21814 was published May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... [Critical, Unreviewed] CVE-2020-5648 was published May 24, 2022
Gitea vulnerable to Argument Injection [Critical] CVE-2022-42968 was published for github.com/go-gitea/gitea (Go) Oct 16, 2022
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters... [Low, Unreviewed] CVE-2004-0473 was published Apr 29, 2022
In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces... [High, Unreviewed] CVE-2021-38112 was published May 24, 2022
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,... [High, Unreviewed] CVE-2021-34718 was published May 24, 2022