Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

36 advisories

Loading
paymentrequest.py in Electrum before 4.2.2 allows a file:// URL in the r parameter of a payment... Moderate Unreviewed
CVE-2022-31246 was published Jun 18, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for... Moderate Unreviewed
CVE-2020-6799 was published May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed
CVE-2020-17367 was published May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Moderate Unreviewed
CVE-2020-5657 was published May 24, 2022
KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the... Moderate Unreviewed
CVE-2021-3256 was published May 24, 2022
An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface... Moderate Unreviewed
CVE-2021-3045 was published May 24, 2022
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2019-1613 was published May 13, 2022
A tampering vulnerability exists when Microsoft browsers do not properly validate input under... Moderate Unreviewed
CVE-2019-0764 was published May 13, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a... Moderate Unreviewed
CVE-2019-5804 was published May 24, 2022
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire... Moderate Unreviewed
CVE-2018-11020 was published May 14, 2022
A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed
CVE-2022-44731 was published Dec 13, 2022
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... Moderate Unreviewed
CVE-2022-3140 was published Oct 12, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2022-20930 was published Oct 1, 2022
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root... Moderate Unreviewed
CVE-2022-37705 was published Apr 16, 2023
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software... Moderate Unreviewed
CVE-2023-6792 was published Dec 13, 2023
A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved... Moderate Unreviewed
CVE-2023-20260 was published Jan 17, 2024
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual... Moderate Unreviewed
CVE-2024-20287 was published Jan 17, 2024
Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are... Moderate Unreviewed
CVE-2001-0150 was published Apr 30, 2022
Argument injection vulnerability in Mozilla Firefox 1.0.6 allows user-assisted remote attackers... Moderate Unreviewed
CVE-2006-2057 was published May 1, 2022
Argument injection vulnerability in TellMe 1.2 and earlier allows remote attackers to modify... Moderate Unreviewed
CVE-2005-4699 was published May 1, 2022
Argument injection vulnerability in Avant Browser 10.1 Build 17 allows user-assisted remote... Moderate Unreviewed
CVE-2006-2058 was published May 1, 2022
Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted... Moderate Unreviewed
CVE-2006-2056 was published May 1, 2022
Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote... Moderate Unreviewed
CVE-2006-2055 was published May 1, 2022
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which... Moderate Unreviewed
CVE-2003-0907 was published Apr 29, 2022
Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to... Moderate Unreviewed
CVE-2006-6597 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database