GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,012
Maven
5,000+
npm
3,720
NuGet
662
pip
3,393
Pub
11
RubyGems
889
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
77 advisories
Filter by severity
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2023-50232
was published
May 3, 2024
Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-44452
was published
May 3, 2024
A server side request forgery vulnerability was identified in GitHub Enterprise Server that...
High
Unreviewed
CVE-2024-3684
was published
Apr 19, 2024
A remote, unauthenticated attacker may be able to send crafted messages
to the web server of the...
High
Unreviewed
CVE-2024-22182
was published
Mar 1, 2024
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments....
High
Unreviewed
CVE-2023-47804
was published
Dec 29, 2023
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability...
High
Unreviewed
CVE-2023-46681
was published
Dec 26, 2023
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local...
High
Unreviewed
CVE-2023-0633
was published
Sep 25, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation...
High
Unreviewed
CVE-2023-20224
was published
Aug 17, 2023
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument...
High
Unreviewed
CVE-2023-25356
was published
Apr 4, 2023
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet...
High
Unreviewed
CVE-2022-40677
was published
Feb 16, 2023
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was...
High
Unreviewed
CVE-2022-23740
was published
Nov 23, 2022
The Settings application has an argument injection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-37005
was published
Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 build parameter injection was possible
High
Unreviewed
CVE-2022-36322
was published
Jul 21, 2022
Within the function HandleFileArg the argument filepattern is under control of the user who...
High
Unreviewed
CVE-2021-21814
was published
May 24, 2022
In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces...
High
Unreviewed
CVE-2021-38112
was published
May 24, 2022
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery...
High
Unreviewed
CVE-2021-41316
was published
May 24, 2022
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,...
High
Unreviewed
CVE-2021-34718
was published
May 24, 2022
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung...
High
Unreviewed
CVE-2021-35062
was published
May 24, 2022
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish...
High
Unreviewed
CVE-2021-3540
was published
May 24, 2022
An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users...
High
Unreviewed
CVE-2021-34816
was published
May 24, 2022
An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access...
High
Unreviewed
CVE-2021-36122
was published
May 24, 2022
When a user clicked on an FTP URL containing encoded newline characters (%0A and %0D), the...
High
Unreviewed
CVE-2021-24002
was published
May 24, 2022
A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote...
High
Unreviewed
CVE-2021-1531
was published
May 24, 2022
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a...
High
Unreviewed
CVE-2020-7851
was published
May 24, 2022
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2021-1485
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API