GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
35 advisories
Filter by severity
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a CRLF...
Moderate
Unreviewed
CVE-2017-8788
was published
May 17, 2022
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows...
Moderate
Unreviewed
CVE-2017-6508
was published
May 17, 2022
HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2...
Moderate
Unreviewed
CVE-2017-2111
was published
May 17, 2022
CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote...
Moderate
Unreviewed
CVE-2017-5868
was published
May 17, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a home/seos...
Moderate
Unreviewed
CVE-2017-8791
was published
May 17, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
Moderate
Unreviewed
CVE-2019-9740
was published
May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
Moderate
Unreviewed
CVE-2019-9947
was published
May 13, 2022
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11...
High
Unreviewed
CVE-2018-19585
was published
May 24, 2022
CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject...
High
Unreviewed
CVE-2007-0892
was published
May 1, 2022
CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens...
Moderate
Unreviewed
CVE-2014-9563
was published
May 13, 2022
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir....
Moderate
Unreviewed
CVE-2016-4975
was published
May 13, 2022
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker...
Moderate
Unreviewed
CVE-2019-9741
was published
May 13, 2022
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote...
High
Unreviewed
CVE-2018-12477
was published
May 13, 2022
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF...
Moderate
Unreviewed
CVE-2017-7528
was published
May 13, 2022
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
High
Unreviewed
CVE-2019-10678
was published
May 14, 2022
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote...
Moderate
Unreviewed
CVE-2016-6484
was published
May 14, 2022
CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote...
Moderate
Unreviewed
CVE-2016-5331
was published
May 14, 2022
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a...
Moderate
Unreviewed
CVE-2015-9096
was published
May 14, 2022
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed...
High
Unreviewed
CVE-2017-15400
was published
May 14, 2022
CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4...
Moderate
Unreviewed
CVE-2014-2017
was published
May 14, 2022
CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability.
Moderate
Unreviewed
CVE-2017-14037
was published
May 17, 2022
CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband...
Moderate
Unreviewed
CVE-2014-9564
was published
May 17, 2022
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2020-3561
was published
May 24, 2022
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9...
Moderate
Unreviewed
CVE-2023-4768
was published
Nov 3, 2023
A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9...
Moderate
Unreviewed
CVE-2023-4767
was published
Nov 3, 2023
ProTip!
Advisories are also available from the
GraphQL API