Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,867
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

95 advisories

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability.... High Unreviewed
CVE-2023-50232 was published May 3, 2024
Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-44452 was published May 3, 2024
A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-3684 was published Apr 19, 2024
A remote, unauthenticated attacker may be able to send crafted messages to the web server of the... High Unreviewed
CVE-2024-22182 was published Mar 1, 2024
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments.... High Unreviewed
CVE-2023-47804 was published Dec 29, 2023
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... High Unreviewed
CVE-2023-46681 was published Dec 26, 2023
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local... High Unreviewed
CVE-2023-0633 was published Sep 25, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation... High Unreviewed
CVE-2023-20224 was published Aug 17, 2023
Apache Airflow ODBC Provider Argument Injection vulnerability High
CVE-2023-34395 was published for apache-airflow-providers-odbc (pip) Jun 27, 2023
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument... High Unreviewed
CVE-2023-25356 was published Apr 4, 2023
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet... High Unreviewed
CVE-2022-40677 was published Feb 16, 2023
Command injection in Git package in Wrangler High
CVE-2022-31249 was published for github.com/rancher/wrangler (Go) Jan 25, 2023
cokeBeer aruneko
tdunlap607
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was... High Unreviewed
CVE-2022-23740 was published Nov 23, 2022
Poetry Argument Injection can lead to Local Code Execution High
CVE-2022-36069 was published for poetry (pip) Sep 16, 2022
paul-gerste-sonarsource neersighted
mc-kill-port vulnerable to Arbitrary Command Execution via kill function High
CVE-2022-25973 was published for mc-kill-port (npm) Aug 11, 2022
The Settings application has an argument injection vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-37005 was published Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 build parameter injection was possible High Unreviewed
CVE-2022-36322 was published Jul 21, 2022
Command injection in git-clone High
CVE-2022-25900 was published for git-clone (npm) Jul 2, 2022
lirantal
OS Command Injection in git-promise High
CVE-2022-24376 was published for git-promise (npm) Jun 11, 2022
lirantal
Within the function HandleFileArg the argument filepattern is under control of the user who... High Unreviewed
CVE-2021-21814 was published May 24, 2022
In the Amazon AWS WorkSpaces client before 3.1.9 on Windows, argument injection in the workspaces... High Unreviewed
CVE-2021-38112 was published May 24, 2022
The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery... High Unreviewed
CVE-2021-41316 was published May 24, 2022
A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated,... High Unreviewed
CVE-2021-34718 was published May 24, 2022
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung... High Unreviewed
CVE-2021-35062 was published May 24, 2022
By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish... High Unreviewed
CVE-2021-3540 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API