GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 28,962
Composer 5,604
Erlang 49
GitHub Actions 49
Go 3,518
Maven 6,409
npm 5,728
NuGet 911
pip 4,758
Pub 13
RubyGems 1,036
Rust 1,228
Swift 53

Unreviewed advisories

All unreviewed 297,945

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

222 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability... Critical Unreviewed

CVE-2026-2449 was published Apr 14, 2026

The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and... High Unreviewed

CVE-2023-6634 was published Jan 11, 2024

Code execution in AssistFeedbackService of TECNO Pova7 Pro 5G on Android allows local apps to... High Unreviewed

CVE-2026-0634 was published Apr 2, 2026

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF... High Unreviewed

CVE-2026-29954 was published Mar 30, 2026

Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters... Moderate Unreviewed

CVE-2026-23924 was published Mar 24, 2026

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... Critical Unreviewed

CVE-2026-2298 was published Mar 23, 2026

Calling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the... Moderate Unreviewed

CVE-2026-4438 was published Mar 20, 2026

A remote, unauthenticated attacker may be able to send crafted messages to the web server of the... High Unreviewed

CVE-2024-22182 was published Mar 1, 2024

The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters... High Unreviewed

CVE-2004-0411 was published Apr 29, 2022

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter... High Unreviewed

CVE-2004-0121 was published Apr 29, 2022

Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which... Moderate Unreviewed

CVE-2003-0907 was published Apr 29, 2022

Argument injection vulnerability in HyperAccess 8.4 allows user-assisted remote attackers to... Moderate Unreviewed

CVE-2006-6597 was published May 1, 2022

Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary... High Unreviewed

CVE-2006-1865 was published May 1, 2022

Argument injection vulnerability in Internet Explorer 6 for Windows XP SP2 allows user-assisted... Moderate Unreviewed

CVE-2006-2056 was published May 1, 2022

Argument injection vulnerability in WinSCP 3.8.1 build 328 allows remote attackers to upload or... High Unreviewed

CVE-2006-3015 was published May 1, 2022

Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*... Low Unreviewed

CVE-2006-2312 was published May 1, 2022

Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote... Moderate Unreviewed

CVE-2006-2055 was published May 1, 2022

Argument injection vulnerability in the Windows Object Packager (packager.exe) in Microsoft... Moderate Unreviewed

CVE-2006-4692 was published May 1, 2022

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo... Moderate Unreviewed

CVE-2026-1716 was published Mar 11, 2026

An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo... Moderate Unreviewed

CVE-2026-1715 was published Mar 11, 2026

An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in... Moderate Unreviewed

CVE-2026-1717 was published Mar 11, 2026

An improper neutralization of argument delimiters in a command ('argument injection')... Moderate Unreviewed

CVE-2026-25689 was published Mar 10, 2026

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can... High Unreviewed

CVE-2025-41761 was published Mar 9, 2026

The Settings application has an argument injection vulnerability. Successful exploitation of this... High Unreviewed

CVE-2022-37005 was published Aug 11, 2022

A vulnerability in the Cisco FXOS Software CLI feature for Cisco Secure Firewall ASA Software and... Moderate Unreviewed

CVE-2026-20016 was published Mar 4, 2026

Previous1…9 Next

Previous 1 2 3 4 5 … 8 9 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

222 advisories