Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

193 advisories

Loading
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11025 was published May 14, 2022
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to... Critical Unreviewed
CVE-2017-14591 was published May 17, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1779 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1795 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1780 was published May 24, 2022
Incorrect command line processing in Chrome in Google Chrome prior to 73.0.3683.75 allowed a... Moderate Unreviewed
CVE-2019-5804 was published May 24, 2022
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all... High Unreviewed
CVE-2019-11582 was published May 24, 2022
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows... High Unreviewed
CVE-2019-13475 was published May 24, 2022
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4... High Unreviewed
CVE-2019-12264 was published May 24, 2022
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users... High Unreviewed
CVE-2019-15498 was published May 24, 2022
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to... High Unreviewed
CVE-2019-15541 was published May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an... Critical Unreviewed
CVE-2019-12148 was published May 24, 2022
The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument... Critical Unreviewed
CVE-2019-12147 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5013 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5012 was published May 24, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for... Moderate Unreviewed
CVE-2020-6799 was published May 24, 2022
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2020-12641 was published May 24, 2022
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check... High Unreviewed
CVE-2020-7808 was published May 24, 2022
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the... High Unreviewed
CVE-2020-14421 was published May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed
CVE-2020-17367 was published May 24, 2022
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,... High Unreviewed
CVE-2020-5792 was published May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Moderate Unreviewed
CVE-2020-5657 was published May 24, 2022
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an... High Unreviewed
CVE-2020-27129 was published May 24, 2022
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. Critical Unreviewed
CVE-2020-28367 was published May 24, 2022
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via... Critical Unreviewed
CVE-2020-25494 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database