GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
34 advisories
Filter by severity
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x...
Moderate
Unreviewed
CVE-2007-5595
was published
May 1, 2022
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung...
High
Unreviewed
CVE-2018-3911
was published
May 13, 2022
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0...
Moderate
Unreviewed
CVE-2017-17742
was published
May 13, 2022
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2017-12309
was published
May 13, 2022
HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware...
High
Unreviewed
CVE-2018-0689
was published
May 14, 2022
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in...
Moderate
Unreviewed
CVE-2016-5699
was published
May 14, 2022
The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header...
High
Unreviewed
CVE-2018-11347
was published
May 14, 2022
HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote...
Moderate
Unreviewed
CVE-2018-16181
was published
May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')...
High
Unreviewed
CVE-2018-7830
was published
May 14, 2022
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg...
Moderate
Unreviewed
CVE-2018-16979
was published
May 14, 2022
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0...
Moderate
Unreviewed
CVE-2016-5325
was published
May 14, 2022
IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker...
Moderate
Unreviewed
CVE-2017-1262
was published
May 14, 2022
HTTP header injection in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30.
High
Unreviewed
CVE-2015-1445
was published
May 17, 2022
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security...
High
Unreviewed
CVE-2016-8024
was published
May 17, 2022
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded...
Moderate
Unreviewed
CVE-2017-7443
was published
May 17, 2022
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in...
Moderate
Unreviewed
CVE-2015-0733
was published
May 17, 2022
CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to...
Moderate
Unreviewed
CVE-2016-6839
was published
May 17, 2022
An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data...
Moderate
Unreviewed
CVE-2018-18837
was published
May 24, 2022
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is...
Moderate
Unreviewed
CVE-2020-10753
was published
May 24, 2022
A vulnerability exists in the http web interface where the web interface does not validate data...
High
Unreviewed
CVE-2021-40336
was published
Jul 26, 2022
A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager...
Moderate
Unreviewed
CVE-2022-20772
was published
Nov 4, 2022
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be...
Moderate
Unreviewed
CVE-2022-37436
was published
Jan 17, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15...
Moderate
Unreviewed
CVE-2023-0508
was published
Jun 7, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper...
Moderate
Unreviewed
CVE-2023-34472
was published
Jul 5, 2023
All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when...
Moderate
Unreviewed
CVE-2023-26137
was published
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API