Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

193 advisories

Loading
kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire... Moderate Unreviewed
CVE-2018-11020 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11024 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11022 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11019 was published May 14, 2022
kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD... High Unreviewed
CVE-2018-11021 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11023 was published May 14, 2022
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11025 was published May 14, 2022
CRITICAL: An improper neutralization of argument delimiters in a command vulnerability was... High Unreviewed
CVE-2022-23740 was published Nov 23, 2022
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to... Critical Unreviewed
CVE-2017-14591 was published May 17, 2022
A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions), SIMATIC WinCC OA V3... Moderate Unreviewed
CVE-2022-44731 was published Dec 13, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') in Weblate High
CVE-2022-23915 was published for Weblate (pip) Mar 4, 2022
dellalibera
Command injection in Rancher Git package Moderate
CVE-2022-43758 was published for github.com/rancher/rancher (Go) Jan 25, 2023
cokeBeer snoopysecurity
A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet... High Unreviewed
CVE-2022-40677 was published Feb 16, 2023
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS... Moderate Unreviewed
CVE-2022-3140 was published Oct 12, 2022
CoreDial sipXcom up to and including 21.04 is vulnerable to Improper Neutralization of Argument... High Unreviewed
CVE-2023-25356 was published Apr 4, 2023
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. Critical Unreviewed
CVE-2020-28367 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1795 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1780 was published May 24, 2022
Remote command injection when using sendmail email transport Moderate
GHSA-wfrj-qqc2-83cm was published for ghost (npm) Sep 20, 2021
tdunlap607
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1779 was published May 24, 2022
Command injection in cocoapods-downloader High
CVE-2022-21223 was published for cocoapods-downloader (RubyGems) Apr 2, 2022
Command injection in cocoapods-downloader High
CVE-2022-24440 was published for cocoapods-downloader (RubyGems) Apr 2, 2022
tdunlap607
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check... High Unreviewed
CVE-2020-7808 was published May 24, 2022
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection... Critical Unreviewed
CVE-2022-45062 was published Nov 9, 2022
Command injection in Git package in Wrangler High
CVE-2022-31249 was published for github.com/rancher/wrangler (Go) Jan 25, 2023
cokeBeer aruneko
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database