GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
78 advisories
Filter by severity
An issue was discovered in CALDERA 2.8.1. When activated, the Human plugin passes the unsanitized...
High
Unreviewed
CVE-2021-42561
was published
Jan 13, 2022
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter...
High
Unreviewed
CVE-2004-0121
was published
Apr 29, 2022
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters...
High
Unreviewed
CVE-2004-0411
was published
Apr 29, 2022
Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to...
High
Unreviewed
CVE-2004-0480
was published
Apr 29, 2022
Argument injection vulnerability in the SSH URI handler for Safari on Mac OS 10.3.3 and earlier...
High
Unreviewed
CVE-2004-0489
was published
Apr 29, 2022
Some implementations of rlogin allow root access if given a -froot parameter.
High
Unreviewed
CVE-1999-0113
was published
Apr 30, 2022
Internet Explorer 6 and earlier, when used with the Telnet client in Services for Unix (SFU) 2.0,...
High
Unreviewed
CVE-2001-0667
was published
Apr 30, 2022
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary...
High
Unreviewed
CVE-2006-1865
was published
May 1, 2022
Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or...
High
Unreviewed
CVE-2006-3015
was published
May 1, 2022
An argument injection vulnerability in the browser-based authentication component of the...
High
Unreviewed
CVE-2022-30239
was published
May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the...
High
Unreviewed
CVE-2022-29971
was published
May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the...
High
Unreviewed
CVE-2022-30240
was published
May 10, 2022
An argument injection vulnerability in the browser-based authentication component of the...
High
Unreviewed
CVE-2022-29972
was published
May 10, 2022
University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other...
High
Unreviewed
CVE-2018-19518
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Software could allow an...
High
Unreviewed
CVE-2019-1611
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-1608
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-1610
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-1606
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-1609
was published
May 13, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-1607
was published
May 13, 2022
A vulnerability in the configuration and management database of the Cisco SD-WAN Solution could...
High
Unreviewed
CVE-2018-0345
was published
May 13, 2022
There was an argument injection vulnerability in Sourcetree for Windows via filenames in...
High
Unreviewed
CVE-2018-13386
was published
May 13, 2022
mIRC before 7.55 allows remote command execution by using argument injection through custom URI...
High
Unreviewed
CVE-2019-6453
was published
May 13, 2022
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2...
High
Unreviewed
CVE-2018-20234
was published
May 13, 2022
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will...
High
Unreviewed
CVE-2016-1000222
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API