GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
200 advisories
Filter by severity
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via...
Critical
Unreviewed
CVE-2020-25494
was published
May 24, 2022
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
Critical
Unreviewed
CVE-2020-28367
was published
May 24, 2022
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an...
High
Unreviewed
CVE-2020-27129
was published
May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability...
Moderate
Unreviewed
CVE-2020-5657
was published
May 24, 2022
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,...
High
Unreviewed
CVE-2020-5792
was published
May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,...
Moderate
Unreviewed
CVE-2020-17367
was published
May 24, 2022
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the...
High
Unreviewed
CVE-2020-14421
was published
May 24, 2022
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check...
High
Unreviewed
CVE-2020-7808
was published
May 24, 2022
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via...
High
Unreviewed
CVE-2020-12641
was published
May 24, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for...
Moderate
Unreviewed
CVE-2020-6799
was published
May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,...
High
Unreviewed
CVE-2019-5012
was published
May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,...
High
Unreviewed
CVE-2019-5013
was published
May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument...
Critical
Unreviewed
CVE-2019-12147
was published
May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an...
Critical
Unreviewed
CVE-2019-12148
was published
May 24, 2022
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to...
High
Unreviewed
CVE-2019-15541
was published
May 24, 2022
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users...
High
Unreviewed
CVE-2019-15498
was published
May 24, 2022
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4...
High
Unreviewed
CVE-2019-12264
was published
May 24, 2022
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows...
High
Unreviewed
CVE-2019-13475
was published
May 24, 2022
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all...
High
Unreviewed
CVE-2019-11582
was published
May 24, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a...
Moderate
Unreviewed
CVE-2019-5804
was published
May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High
Unreviewed
CVE-2019-1780
was published
May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High
Unreviewed
CVE-2019-1795
was published
May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High
Unreviewed
CVE-2019-1779
was published
May 24, 2022
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to...
Critical
Unreviewed
CVE-2017-14591
was published
May 17, 2022
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)...
High
Unreviewed
CVE-2018-11025
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API