GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
201 advisories
Filter by severity
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the...
Moderate
Unreviewed
CVE-2024-41710
was published
Aug 12, 2024
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5...
Moderate
Unreviewed
CVE-2024-3367
was published
Apr 16, 2024
The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all...
Moderate
Unreviewed
CVE-2024-7573
was published
Aug 28, 2024
github.com/gogs/gogs affected by CVE-2024-39930
Critical
CVE-2024-39930
was published
for
github.com/gogs/gogs
(Go)
Jul 4, 2024
The product allows user input to control or influence paths or file
names that are used in...
Critical
Unreviewed
CVE-2024-3980
was published
Aug 27, 2024
Gogs allows argument injection during the tagging of a new release
High
CVE-2024-39933
was published
for
github.com/gogs/gogs
(Go)
Jul 4, 2024
Header injection possible in Django
Moderate
CVE-2021-32052
was published
for
Django
(pip)
Jun 9, 2021
A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center...
Moderate
Unreviewed
CVE-2024-20444
was published
Oct 2, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47553
was published
Oct 8, 2024
ggit is vulnerable to Arbitrary Argument Injection via the clone() API
Moderate
CVE-2024-21533
was published
for
ggit
(npm)
Oct 8, 2024
Arbitrary command execution on Windows via qutebrowserurl: URL handler
High
CVE-2021-41146
was published
for
qutebrowser
(pip)
Oct 22, 2021
Poetry Argument Injection can lead to Local Code Execution
High
CVE-2022-36069
was published
for
poetry
(pip)
Sep 16, 2022
Argument injection in python-libnmap
Critical
CVE-2022-30284
was published
for
python-libnmap
(pip)
May 6, 2022
git-shallow-clone Argument Injection vulnerability
Moderate
CVE-2024-21531
was published
for
git-shallow-clone
(npm)
Oct 1, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39712
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-38655
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti...
Critical
Unreviewed
CVE-2024-39711
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy...
Critical
Unreviewed
CVE-2024-39710
was published
Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti...
Critical
Unreviewed
CVE-2024-38656
was published
Nov 13, 2024
Laravel environment manipulation via query string
High
CVE-2024-52301
was published
for
laravel/framework
(Composer)
Nov 12, 2024
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,...
Moderate
Unreviewed
CVE-2021-1484
was published
Nov 15, 2024
Codecov does not sanitize gcov arguments
High
CVE-2019-10800
was published
for
codecov
(pip)
Jul 14, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Weblate
High
CVE-2022-23915
was published
for
Weblate
(pip)
Mar 4, 2022
The go command may execute arbitrary code at build time when using cgo. This may occur when...
Critical
Unreviewed
CVE-2023-29405
was published
Jun 8, 2023
ProTip!
Advisories are also available from the
GraphQL API