GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,442

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

194 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet... High Unreviewed

CVE-2022-40677 was published Feb 16, 2023

Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team... High Unreviewed

CVE-2022-46883 was published Dec 22, 2022

AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php Critical Unreviewed

CVE-2022-47926 was published Dec 22, 2022

A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed

CVE-2022-44731 was published Dec 13, 2022

CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was... High Unreviewed

CVE-2022-23740 was published Nov 23, 2022

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection... Critical Unreviewed

CVE-2022-45062 was published Nov 9, 2022

myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable... High Unreviewed

CVE-2021-46850 was published Oct 24, 2022

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... Moderate Unreviewed

CVE-2022-3140 was published Oct 12, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2022-20930 was published Oct 1, 2022

Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options.... High Unreviewed

CVE-2022-37027 was published Sep 22, 2022

An Argument Injection or Modification vulnerability in the "Change Secret" username field as used... Critical Unreviewed

CVE-2022-1399 was published Aug 18, 2022

The Settings application has an argument injection vulnerability. Successful exploitation of this... High Unreviewed

CVE-2022-37005 was published Aug 11, 2022

In JetBrains TeamCity before 2022.04.2 build parameter injection was possible High Unreviewed

CVE-2022-36322 was published Jul 21, 2022

paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment... Moderate Unreviewed

CVE-2022-31246 was published Jun 18, 2022

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Critical Unreviewed

CVE-2020-5648 was published May 24, 2022

Within the function HandleFileArg the argument filepattern is under control of the user who... High Unreviewed

CVE-2021-21814 was published May 24, 2022

In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces... High Unreviewed

CVE-2021-38112 was published May 24, 2022

The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery... High Unreviewed

CVE-2021-41316 was published May 24, 2022

A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,... High Unreviewed

CVE-2021-34718 was published May 24, 2022

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung... High Unreviewed

CVE-2021-35062 was published May 24, 2022

Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an... Critical Unreviewed

CVE-2021-31698 was published May 24, 2022

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface... Moderate Unreviewed

CVE-2021-3045 was published May 24, 2022

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish... High Unreviewed

CVE-2021-3540 was published May 24, 2022

An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users... High Unreviewed

CVE-2021-34816 was published May 24, 2022

An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access... High Unreviewed

CVE-2021-36122 was published May 24, 2022

Previous 1…4…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

194 advisories