GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,632

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

39 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was discovered where specific command line arguments are not properly discarded... Critical Unreviewed

CVE-2019-9794 was published May 24, 2022

asdasdasdasdasdasdasd Critical Unreviewed

CVE-2025-11150 was published Sep 29, 2025

Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing... Critical Unreviewed

CVE-2024-35307 was published Jun 10, 2024

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to... Critical Unreviewed

CVE-2022-28391 was published Apr 4, 2022

encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service ... Critical Unreviewed

CVE-2021-26937 was published May 24, 2022

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection... Critical Unreviewed

CVE-2022-45062 was published Nov 9, 2022

A vulnerability was found in Pagure. An argument injection in Git during retrieval of the... Critical Unreviewed

CVE-2024-47516 was published Mar 26, 2025

Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated... Critical Unreviewed

CVE-2024-11633 was published Dec 10, 2024

The go command may execute arbitrary code at build time when using cgo. This may occur when... Critical Unreviewed

CVE-2023-29405 was published Jun 8, 2023

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti... Critical Unreviewed

CVE-2024-38656 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39711 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy... Critical Unreviewed

CVE-2024-39710 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39712 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-38655 was published Nov 13, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47553 was published Oct 8, 2024

The product allows user input to control or influence paths or file names that are used in... Critical Unreviewed

CVE-2024-3980 was published Aug 27, 2024

There is a command injection problem in the old version of the mobile phone backup app. Critical Unreviewed

CVE-2023-26310 was published Aug 9, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message... Critical Unreviewed

CVE-2023-33378 was published Aug 4, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command... Critical Unreviewed

CVE-2023-33376 was published Aug 4, 2023

The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to an... Critical Unreviewed

CVE-2019-12148 was published May 24, 2022

The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interface is vulnerable to Argument... Critical Unreviewed

CVE-2019-12147 was published May 24, 2022

An argument injection vulnerability has been identified in the administrative web interface of... Critical Unreviewed

CVE-2023-6269 was published Dec 5, 2023

Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection. Critical Unreviewed

CVE-2020-28367 was published May 24, 2022

Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to... Critical Unreviewed

CVE-2017-14591 was published May 17, 2022

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial... Critical Unreviewed

CVE-2018-13385 was published May 13, 2022

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

39 advisories