Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
844
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

34 advisories

Loading
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x... Moderate Unreviewed
CVE-2007-5595 was published May 1, 2022
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung... High Unreviewed
CVE-2018-3911 was published May 13, 2022
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... Moderate Unreviewed
CVE-2017-17742 was published May 13, 2022
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated,... Moderate Unreviewed
CVE-2017-12309 was published May 13, 2022
HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware... High Unreviewed
CVE-2018-0689 was published May 14, 2022
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in... Moderate Unreviewed
CVE-2016-5699 was published May 14, 2022
The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header... High Unreviewed
CVE-2018-11347 was published May 14, 2022
HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote... Moderate Unreviewed
CVE-2018-16181 was published May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')... High Unreviewed
CVE-2018-7830 was published May 14, 2022
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg... Moderate Unreviewed
CVE-2018-16979 was published May 14, 2022
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0... Moderate Unreviewed
CVE-2016-5325 was published May 14, 2022
IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker... Moderate Unreviewed
CVE-2017-1262 was published May 14, 2022
HTTP header injection in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30. High Unreviewed
CVE-2015-1445 was published May 17, 2022
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security... High Unreviewed
CVE-2016-8024 was published May 17, 2022
apt-cacher before 1.7.15 and apt-cacher-ng before 3.4 allow HTTP response splitting via encoded... Moderate Unreviewed
CVE-2017-7443 was published May 17, 2022
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in... Moderate Unreviewed
CVE-2015-0733 was published May 17, 2022
CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to... Moderate Unreviewed
CVE-2016-6839 was published May 17, 2022
An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data... Moderate Unreviewed
CVE-2018-18837 was published May 24, 2022
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is... Moderate Unreviewed
CVE-2020-10753 was published May 24, 2022
A vulnerability exists in the http web interface where the web interface does not validate data... High Unreviewed
CVE-2021-40336 was published Jul 26, 2022
A vulnerability in Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager... Moderate Unreviewed
CVE-2022-20772 was published Nov 4, 2022
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be... Moderate Unreviewed
CVE-2022-37436 was published Jan 17, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... Moderate Unreviewed
CVE-2023-0508 was published Jun 7, 2023
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper... Moderate Unreviewed
CVE-2023-34472 was published Jul 5, 2023
All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when... Moderate Unreviewed
CVE-2023-26137 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database