GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,386
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55,...
High
Unreviewed
CVE-2021-41436
was published
Nov 20, 2021
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP...
High
Unreviewed
CVE-2021-37253
was published
Dec 6, 2021
An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote...
High
Unreviewed
CVE-2021-41450
was published
Dec 9, 2021
An HTTP/1.1 misconfiguration in web interface of TP-Link AX10v1 before V1_211117 could allow an...
High
Unreviewed
CVE-2021-41451
was published
Dec 18, 2021
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-34704
was published
Jan 12, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-1573
was published
Jan 12, 2022
An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push...
High
Unreviewed
CVE-2021-42791
was published
Jan 29, 2022
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
High
Unreviewed
CVE-2021-23336
was published
Feb 8, 2022
An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows...
High
Unreviewed
CVE-2021-41442
was published
Feb 10, 2022
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4...
High
Unreviewed
CVE-2021-25220
was published
Mar 24, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2...
High
Unreviewed
CVE-2017-2850
was published
May 13, 2022
An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall,...
High
Unreviewed
CVE-2018-4030
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3909
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3908
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3907
was published
May 13, 2022
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can...
High
Unreviewed
CVE-2018-12116
was published
May 13, 2022
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS...
High
Unreviewed
CVE-2017-15643
was published
May 17, 2022
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can...
High
Unreviewed
CVE-2017-8894
was published
May 17, 2022
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
High
Unreviewed
CVE-2019-16276
was published
May 24, 2022
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding...
High
Unreviewed
CVE-2019-18277
was published
May 24, 2022
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer...
High
Unreviewed
CVE-2019-15605
was published
May 24, 2022
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
High
Unreviewed
CVE-2019-19223
was published
May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8...
High
Unreviewed
CVE-2019-17559
was published
May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8...
High
Unreviewed
CVE-2019-17565
was published
May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8...
High
Unreviewed
CVE-2020-1944
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API