Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

206 advisories

Loading
telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value... Critical Unreviewed
CVE-2026-24061 was published Jan 21, 2026
Tanium addressed a local privilege escalation vulnerability in Tanium Module Server. Moderate Unreviewed
CVE-2025-15315 was published Feb 10, 2026
Tanium addressed a local privilege escalation vulnerability in Tanium Server. Moderate Unreviewed
CVE-2025-15316 was published Feb 10, 2026
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed
CVE-2026-22582 was published Jan 24, 2026
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed
CVE-2026-22583 was published Jan 24, 2026
WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2026-0774 was published Jan 23, 2026
Istio through 1.28.2 allows iptables rule injection for changing firewall behavior via the... Moderate Unreviewed
CVE-2026-23766 was published Jan 15, 2026
A Improper Neutralization of Argument Delimiters vulnerability in Foomuuri can lead to integrity... High Unreviewed
CVE-2025-67858 was published Jan 8, 2026
An Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')... Moderate Unreviewed
CVE-2025-66002 was published Jan 8, 2026
A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a... Moderate Unreviewed
CVE-2025-14946 was published Dec 19, 2025
An improper neutralization of argument delimiters in a command vulnerability has been reported to... Moderate Unreviewed
CVE-2025-62847 was published Dec 16, 2025
Easywall 0.3.1 allows authenticated remote command execution via a command injection... High Unreviewed
CVE-2024-58275 was published Dec 4, 2025
A vulnerability was discovered where specific command line arguments are not properly discarded... Critical Unreviewed
CVE-2019-9794 was published May 24, 2022
An argument injection vulnerability exists in the affected product that could allow an attacker... High Unreviewed
CVE-2025-12556 was published Nov 6, 2025
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root... Moderate Unreviewed
CVE-2022-37705 was published Apr 16, 2023
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed
CVE-2024-41710 was published Aug 12, 2024
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2020-12641 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Low Unreviewed
CVE-2025-23073 was published Jan 14, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36565 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43905 was published Oct 7, 2025
Unity Editor 2019.1 through 6000.3 could allow remote attackers to exploit file loading and Local... High Unreviewed
CVE-2025-59489 was published Oct 3, 2025
asdasdasdasdasdasdasd Critical Unreviewed
CVE-2025-11150 was published Sep 29, 2025
Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing... Critical Unreviewed
CVE-2024-35307 was published Jun 10, 2024
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... High Unreviewed
CVE-2025-47421 was published Sep 3, 2025
A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-3684 was published Apr 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database