GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
100 advisories
Filter by severity
Gogs allows argument Injection when tagging new releases
High
CVE-2024-39933
was published
for
gogs.io/gogs
(Go)
Dec 23, 2024
Dell PowerStore contains an Improper Neutralization of Argument Delimiters in a Command (...
High
Unreviewed
CVE-2024-51532
was published
Dec 19, 2024
Laravel environment manipulation via query string
High
CVE-2024-52301
was published
for
laravel/framework
(Composer)
Nov 12, 2024
Duplicate Advisory: Gogs allows argument injection during the tagging of a new release
High
GHSA-8mm6-wmpp-mmm3
was published
for
github.com/gogs/gogs
(Go)
Jul 4, 2024
•
withdrawn
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability....
High
Unreviewed
CVE-2023-50232
was published
May 3, 2024
Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-44452
was published
May 3, 2024
A server side request forgery vulnerability was identified in GitHub Enterprise Server that...
High
Unreviewed
CVE-2024-3684
was published
Apr 19, 2024
A remote, unauthenticated attacker may be able to send crafted messages
to the web server of the...
High
Unreviewed
CVE-2024-22182
was published
Mar 1, 2024
Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments....
High
Unreviewed
CVE-2023-47804
was published
Dec 29, 2023
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability...
High
Unreviewed
CVE-2023-46681
was published
Dec 26, 2023
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local...
High
Unreviewed
CVE-2023-0633
was published
Sep 25, 2023
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation...
High
Unreviewed
CVE-2023-20224
was published
Aug 17, 2023
Apache Airflow ODBC Provider Argument Injection vulnerability
High
CVE-2023-34395
was published
for
apache-airflow-providers-odbc
(pip)
Jun 27, 2023
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument...
High
Unreviewed
CVE-2023-25356
was published
Apr 4, 2023
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet...
High
Unreviewed
CVE-2022-40677
was published
Feb 16, 2023
Command injection in Git package in Wrangler
High
CVE-2022-31249
was published
for
github.com/rancher/wrangler
(Go)
Jan 25, 2023
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was...
High
Unreviewed
CVE-2022-23740
was published
Nov 23, 2022
Poetry Argument Injection can lead to Local Code Execution
High
CVE-2022-36069
was published
for
poetry
(pip)
Sep 16, 2022
mc-kill-port vulnerable to Arbitrary Command Execution via kill function
High
CVE-2022-25973
was published
for
mc-kill-port
(npm)
Aug 11, 2022
The Settings application has an argument injection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-37005
was published
Aug 11, 2022
In JetBrains TeamCity before 2022.04.2 build parameter injection was possible
High
Unreviewed
CVE-2022-36322
was published
Jul 21, 2022
Codecov does not sanitize gcov arguments
High
CVE-2019-10800
was published
for
codecov
(pip)
Jul 14, 2022
OS Command Injection in git-promise
High
CVE-2022-24376
was published
for
git-promise
(npm)
Jun 11, 2022
Within the function HandleFileArg the argument filepattern is under control of the user who...
High
Unreviewed
CVE-2021-21814
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API