Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,087
Maven
5,000+
npm
5,000+
NuGet
994
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,414
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

47 advisories

Loading
Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM,... Critical Unreviewed
CVE-2026-47365 was published Jun 12, 2026
The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection... Critical Unreviewed
CVE-2026-31230 was published May 12, 2026
Improper neutralization of argument delimiters in a command ('argument injection') vulnerability... Critical Unreviewed
CVE-2026-2449 was published Apr 14, 2026
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed
CVE-2026-2298 was published Mar 23, 2026
TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the... Critical Unreviewed
CVE-2025-70327 was published Feb 23, 2026
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed
CVE-2026-22582 was published Jan 24, 2026
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed
CVE-2026-22583 was published Jan 24, 2026
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value... Critical Unreviewed
CVE-2026-24061 was published Jan 21, 2026
asdasdasdasdasdasdasd Critical Unreviewed
CVE-2025-11150 was published Sep 29, 2025
A vulnerability was found in Pagure. An argument injection in Git during retrieval of the... Critical Unreviewed
CVE-2024-47516 was published Mar 26, 2025
Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated... Critical Unreviewed
CVE-2024-11633 was published Dec 10, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti... Critical Unreviewed
CVE-2024-38656 was published Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed
CVE-2024-39711 was published Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed
CVE-2024-39712 was published Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy... Critical Unreviewed
CVE-2024-39710 was published Nov 13, 2024
Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed
CVE-2024-38655 was published Nov 13, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed
CVE-2024-47553 was published Oct 8, 2024
The product allows user input to control or influence paths or file names that are used in... Critical Unreviewed
CVE-2024-3980 was published Aug 27, 2024
Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing... Critical Unreviewed
CVE-2024-35307 was published Jun 10, 2024
An argument injection vulnerability has been identified in the administrative web interface of... Critical Unreviewed
CVE-2023-6269 was published Dec 5, 2023
There is a command injection problem in the old version of the mobile phone backup app. Critical Unreviewed
CVE-2023-26310 was published Aug 9, 2023
Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message... Critical Unreviewed
CVE-2023-33378 was published Aug 4, 2023
Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command... Critical Unreviewed
CVE-2023-33376 was published Aug 4, 2023
The go command may execute arbitrary code at build time when using cgo. This may occur when... Critical Unreviewed
CVE-2023-29405 was published Jun 8, 2023
AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php Critical Unreviewed
CVE-2022-47926 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database