Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,328
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

48 advisories

Loading
An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55,... High Unreviewed
CVE-2021-41436 was published Nov 20, 2021
M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP... High Unreviewed
CVE-2021-37253 was published Dec 6, 2021
An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote... High Unreviewed
CVE-2021-41450 was published Dec 9, 2021
An HTTP/1.1 misconfiguration in web interface of TP-Link AX10v1 before V1_211117 could allow an... High Unreviewed
CVE-2021-41451 was published Dec 18, 2021
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... High Unreviewed
CVE-2021-34704 was published Jan 12, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... High Unreviewed
CVE-2021-1573 was published Jan 12, 2022
An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push... High Unreviewed
CVE-2021-42791 was published Jan 29, 2022
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') High Unreviewed
CVE-2021-23336 was published Feb 8, 2022
An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows... High Unreviewed
CVE-2021-41442 was published Feb 10, 2022
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4... High Unreviewed
CVE-2021-25220 was published Mar 24, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2... High Unreviewed
CVE-2017-2850 was published May 13, 2022
An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall,... High Unreviewed
CVE-2018-4030 was published May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung... High Unreviewed
CVE-2018-3909 was published May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung... High Unreviewed
CVE-2018-3908 was published May 13, 2022
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung... High Unreviewed
CVE-2018-3907 was published May 13, 2022
Node.js: All versions prior to Node.js 6.15.0 and 8.14.0: HTTP request splitting: If Node.js can... High Unreviewed
CVE-2018-12116 was published May 13, 2022
An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS... High Unreviewed
CVE-2017-15643 was published May 17, 2022
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can... High Unreviewed
CVE-2017-8894 was published May 17, 2022
Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. High Unreviewed
CVE-2019-16276 was published May 24, 2022
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding... High Unreviewed
CVE-2019-18277 was published May 24, 2022
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer... High Unreviewed
CVE-2019-15605 was published May 24, 2022
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ... High Unreviewed
CVE-2019-19223 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2019-17559 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2019-17565 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2020-1944 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database