GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
39 advisories
Filter by severity
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions...
Moderate
Unreviewed
CVE-2024-45097
was published
Sep 5, 2024
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and...
Critical
Unreviewed
CVE-2024-38428
was published
Jun 16, 2024
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security...
Moderate
Unreviewed
CVE-2024-20293
was published
May 22, 2024
Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2023-39481
was published
May 3, 2024
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents...
Moderate
Unreviewed
CVE-2024-3386
was published
Apr 10, 2024
When a protocol selection parameter option disables all protocols without adding any then the...
Low
Unreviewed
CVE-2024-2004
was published
Mar 27, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to...
Moderate
Unreviewed
CVE-2023-50327
was published
Feb 2, 2024
The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or...
Moderate
Unreviewed
CVE-2023-48256
was published
Jan 10, 2024
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker...
High
Unreviewed
CVE-2023-40718
was published
Oct 10, 2023
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted...
Moderate
Unreviewed
CVE-2023-29406
was published
Jul 11, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2023-32708
was published
Jul 6, 2023
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of...
High
Unreviewed
CVE-2022-48473
was published
Jun 16, 2023
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of...
High
Unreviewed
CVE-2022-48471
was published
Jun 16, 2023
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the...
Moderate
Unreviewed
CVE-2023-22998
was published
Feb 28, 2023
A improper neutralization of crlf sequences in http headers ('http response splitting') in...
Moderate
Unreviewed
CVE-2022-42472
was published
Feb 16, 2023
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be...
Moderate
Unreviewed
CVE-2022-37436
was published
Jan 17, 2023
Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE,...
Moderate
Unreviewed
CVE-2022-38115
was published
Nov 23, 2022
A vulnerability in the implementation of IPv6 VPN over MPLS (6VPE) with Zone-Based Firewall (ZBFW...
High
Unreviewed
CVE-2022-20915
was published
Oct 11, 2022
An HTTP response splitting attack in web application in ASUS RT-AX88U before v3.0.0.4.388.20558...
Moderate
Unreviewed
CVE-2021-41437
was published
Sep 27, 2022
Fossil 2.18 on Windows allows attackers to cause a denial of service (daemon crash) via an XSS...
Moderate
Unreviewed
CVE-2022-34009
was published
Jul 29, 2022
A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS XE Software could allow an...
High
Unreviewed
CVE-2021-34699
was published
May 24, 2022
An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a...
Critical
Unreviewed
CVE-2021-40870
was published
May 24, 2022
A vulnerability in the VXLAN Operation, Administration, and Maintenance (OAM) feature of Cisco NX...
High
Unreviewed
CVE-2021-1587
was published
May 24, 2022
Firefox incorrectly treated an inline list-item element as a block element, resulting in an out...
High
Unreviewed
CVE-2021-29988
was published
May 24, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2021-28474
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API