GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
201 advisories
Filter by severity
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a...
High
Unreviewed
CVE-2020-7851
was published
May 24, 2022
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was...
Critical
Unreviewed
CVE-2021-31909
was published
May 24, 2022
The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote...
Critical
Unreviewed
CVE-2021-24030
was published
May 24, 2022
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated,...
High
Unreviewed
CVE-2021-1454
was published
May 24, 2022
NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote...
High
Unreviewed
CVE-2020-7850
was published
May 24, 2022
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2021-1485
was published
May 24, 2022
KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the...
Moderate
Unreviewed
CVE-2021-3256
was published
May 24, 2022
An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access...
High
Unreviewed
CVE-2021-36122
was published
May 24, 2022
An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users...
High
Unreviewed
CVE-2021-34816
was published
May 24, 2022
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish...
High
Unreviewed
CVE-2021-3540
was published
May 24, 2022
An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface...
Moderate
Unreviewed
CVE-2021-3045
was published
May 24, 2022
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an...
Critical
Unreviewed
CVE-2021-31698
was published
May 24, 2022
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung...
High
Unreviewed
CVE-2021-35062
was published
May 24, 2022
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery...
High
Unreviewed
CVE-2021-41316
was published
May 24, 2022
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,...
High
Unreviewed
CVE-2021-34718
was published
May 24, 2022
In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces...
High
Unreviewed
CVE-2021-38112
was published
May 24, 2022
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters...
Low
Unreviewed
CVE-2004-0473
was published
Apr 29, 2022
Gitea vulnerable to Argument Injection
Critical
CVE-2022-42968
was published
for
github.com/go-gitea/gitea
(Go)
Oct 16, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability...
Critical
Unreviewed
CVE-2020-5648
was published
May 24, 2022
Within the function HandleFileArg the argument filepattern is under control of the user who...
High
Unreviewed
CVE-2021-21814
was published
May 24, 2022
An Argument Injection or Modification vulnerability in the "Change Secret" username field as used...
Critical
Unreviewed
CVE-2022-1399
was published
Aug 18, 2022
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware...
High
Unreviewed
CVE-2020-35576
was published
May 24, 2022
Command injection in git-interface
Critical
CVE-2022-1440
was published
for
git-interface
(npm)
Apr 23, 2022
OS Command Injection in git-promise
High
CVE-2022-24376
was published
for
git-promise
(npm)
Jun 11, 2022
An argument injection vulnerability in the browser-based authentication component of the...
High
Unreviewed
CVE-2022-29971
was published
May 10, 2022
ProTip!
Advisories are also available from the
GraphQL API