Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

77 advisories

Loading
An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized... High Unreviewed
CVE-2021-42561 was published Jan 13, 2022
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter... High Unreviewed
CVE-2004-0121 was published Apr 29, 2022
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters... High Unreviewed
CVE-2004-0411 was published Apr 29, 2022
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to... High Unreviewed
CVE-2004-0480 was published Apr 29, 2022
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier... High Unreviewed
CVE-2004-0489 was published Apr 29, 2022
Some implementations of rlogin allow root access if given a -froot parameter. High Unreviewed
CVE-1999-0113 was published Apr 30, 2022
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0,... High Unreviewed
CVE-2001-0667 was published Apr 30, 2022
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary... High Unreviewed
CVE-2006-1865 was published May 1, 2022
Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or... High Unreviewed
CVE-2006-3015 was published May 1, 2022
An argument injection vulnerability in the browser-based authentication component of the... High Unreviewed
CVE-2022-29971 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... High Unreviewed
CVE-2022-30239 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... High Unreviewed
CVE-2022-30240 was published May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the... High Unreviewed
CVE-2022-29972 was published May 10, 2022
University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other... High Unreviewed
CVE-2018-19518 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-1610 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an... High Unreviewed
CVE-2019-1611 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-1608 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-1609 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-1606 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-1607 was published May 13, 2022
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could... High Unreviewed
CVE-2018-0345 was published May 13, 2022
There was an argument injection vulnerability in Sourcetree for Windows via filenames in... High Unreviewed
CVE-2018-13386 was published May 13, 2022
mIRC before 7.55 allows remote command execution by using argument injection through custom URI... High Unreviewed
CVE-2019-6453 was published May 13, 2022
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2... High Unreviewed
CVE-2018-20234 was published May 13, 2022
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will... High Unreviewed
CVE-2016-1000222 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database