GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
118 advisories
Filter by severity
An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55,...
High
Unreviewed
CVE-2021-41436
was published
Nov 20, 2021
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP...
High
Unreviewed
CVE-2021-37253
was published
Dec 6, 2021
An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote...
High
Unreviewed
CVE-2021-41450
was published
Dec 9, 2021
An HTTP/1.1 misconfiguration in web interface of TP-Link AX10v1 before V1_211117 could allow an...
High
Unreviewed
CVE-2021-41451
was published
Dec 18, 2021
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-34704
was published
Jan 12, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High
Unreviewed
CVE-2021-1573
was published
Jan 12, 2022
Imperva Web Application Firewall (WAF) before 2021-12-31 allows remote unauthenticated attackers...
Critical
Unreviewed
CVE-2021-45468
was published
Jan 15, 2022
An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push...
High
Unreviewed
CVE-2021-42791
was published
Jan 29, 2022
In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and and...
Critical
Unreviewed
CVE-2022-23959
was published
Feb 8, 2022
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
High
Unreviewed
CVE-2021-23336
was published
Feb 8, 2022
An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows...
High
Unreviewed
CVE-2021-41442
was published
Feb 10, 2022
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22...
Critical
Unreviewed
CVE-2022-22532
was published
Feb 11, 2022
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP...
Critical
Unreviewed
CVE-2022-22536
was published
Feb 11, 2022
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of...
Moderate
Unreviewed
CVE-2021-21966
was published
Feb 17, 2022
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are...
Critical
Unreviewed
CVE-2022-22720
was published
Mar 15, 2022
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4...
High
Unreviewed
CVE-2021-25220
was published
Mar 24, 2022
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift...
Moderate
Unreviewed
CVE-2022-0552
was published
Apr 12, 2022
Microsoft IIS 5.0 and 6.0 allows remote attackers to poison the web cache, bypass web application...
Moderate
Unreviewed
CVE-2005-2089
was published
May 1, 2022
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy,...
Moderate
Unreviewed
CVE-2005-2088
was published
May 1, 2022
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used...
Moderate
Unreviewed
CVE-2006-6276
was published
May 1, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2...
High
Unreviewed
CVE-2017-2850
was published
May 13, 2022
An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall,...
High
Unreviewed
CVE-2018-4030
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3909
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3908
was published
May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung...
High
Unreviewed
CVE-2018-3907
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API