GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
190 advisories
In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was...
Critical
Unreviewed
CVE-2021-31909
was published
May 24, 2022
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default...
Critical
Unreviewed
CVE-2020-28026
was published
May 24, 2022
Innorix Web-Based File Transfer Solution versions prior to and including 9.2.18.385 contains a...
High
Unreviewed
CVE-2020-7851
was published
May 24, 2022
Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio
High
GHSA-jwpw-q68h-r678
was published
for
dio
(Pub)
May 24, 2022
•
withdrawn
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2021-1485
was published
May 24, 2022
NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote...
High
Unreviewed
CVE-2020-7850
was published
May 24, 2022
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated,...
High
Unreviewed
CVE-2021-1454
was published
May 24, 2022
Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated,...
High
Unreviewed
CVE-2021-1383
was published
May 24, 2022
The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote...
Critical
Unreviewed
CVE-2021-24030
was published
May 24, 2022
A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote...
Critical
Unreviewed
CVE-2020-21224
was published
May 24, 2022
Endian Firewall Community (aka EFW) 3.3.2 allows remote authenticated users to execute arbitrary...
High
Unreviewed
CVE-2021-27201
was published
May 24, 2022
encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service ...
Critical
Unreviewed
CVE-2021-26937
was published
May 24, 2022
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware...
High
Unreviewed
CVE-2020-35576
was published
May 24, 2022
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA...
High
Unreviewed
CVE-2020-19664
was published
May 24, 2022
Dolibarr authenticated Remote Code Execution
High
CVE-2020-35136
was published
for
dolibarr/dolibarr
(Composer)
May 24, 2022
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via...
Critical
Unreviewed
CVE-2020-25494
was published
May 24, 2022
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
Critical
Unreviewed
CVE-2020-28367
was published
May 24, 2022
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an...
High
Unreviewed
CVE-2020-27129
was published
May 24, 2022
Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability...
Moderate
Unreviewed
CVE-2020-5657
was published
May 24, 2022
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,...
High
Unreviewed
CVE-2020-5792
was published
May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,...
Moderate
Unreviewed
CVE-2020-17367
was published
May 24, 2022
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the...
High
Unreviewed
CVE-2020-14421
was published
May 24, 2022
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check...
High
Unreviewed
CVE-2020-7808
was published
May 24, 2022
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via...
High
Unreviewed
CVE-2020-12641
was published
May 24, 2022
Command line arguments could have been injected during Firefox invocation as a shell handler for...
Moderate
Unreviewed
CVE-2020-6799
was published
May 24, 2022