Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root... Moderate Unreviewed
CVE-2022-37705 was published Apr 16, 2023
Command injection in Rancher Git package Moderate
CVE-2022-43758 was published for github.com/rancher/rancher (Go) Jan 25, 2023
cokeBeer snoopysecurity
Credited to cokeBeer and snoopysecurity
Froxlor vulnerable to Argument Injection Moderate
CVE-2022-4864 was published for froxlor/froxlor (Composer) Dec 31, 2022
A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed
CVE-2022-44731 was published Dec 13, 2022
phpxmlrpc vulnerable to argument injection Moderate
GHSA-q7qq-9gx2-ggxv was published for phpxmlrpc/phpxmlrpc (Composer) Dec 2, 2022
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... Moderate Unreviewed
CVE-2022-3140 was published Oct 12, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20930 was published Oct 1, 2022
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment... Moderate Unreviewed
CVE-2022-31246 was published Jun 18, 2022
An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface... Moderate Unreviewed
CVE-2021-3045 was published May 24, 2022
KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the... Moderate Unreviewed
CVE-2021-3256 was published May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Moderate Unreviewed
CVE-2020-5657 was published May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed
CVE-2020-17367 was published May 24, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for... Moderate Unreviewed
CVE-2020-6799 was published May 24, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a... Moderate Unreviewed
CVE-2019-5804 was published May 24, 2022
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire... Moderate Unreviewed
CVE-2018-11020 was published May 14, 2022
A tampering vulnerability exists when Microsoft browsers do not properly validate input under... Moderate Unreviewed
CVE-2019-0764 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2019-1613 was published May 13, 2022
Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to... Moderate Unreviewed
CVE-2006-6597 was published May 1, 2022
Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft... Moderate Unreviewed
CVE-2006-4692 was published May 1, 2022
Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers... Moderate Unreviewed
CVE-2006-2057 was published May 1, 2022
Argument injection vulnerability in Avant Browser 10.1 Build 17 allows user-assisted remote... Moderate Unreviewed
CVE-2006-2058 was published May 1, 2022
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted... Moderate Unreviewed
CVE-2006-2056 was published May 1, 2022
Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote... Moderate Unreviewed
CVE-2006-2055 was published May 1, 2022
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify... Moderate Unreviewed
CVE-2005-4699 was published May 1, 2022
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are... Moderate Unreviewed
CVE-2001-0150 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database