GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
Filter by severity
A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server...
High
Unreviewed
CVE-2026-8034
was published
May 8, 2026
SEPPmail Secure Email Gateway before version 15.0.1 incorrectly interprets email addresses in the...
High
Unreviewed
CVE-2026-27444
was published
Mar 4, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 before 18.6.6, 18...
High
Unreviewed
CVE-2026-0958
was published
Feb 11, 2026
Due to a CRLF Injection vulnerability in SAP NetWeaver Application Server Java, an authenticated...
Low
Unreviewed
CVE-2026-23686
was published
Feb 10, 2026
An improper neutralization of crlf sequences in http headers ('http response splitting') in...
Moderate
Unreviewed
CVE-2024-54021
was published
Jan 14, 2025
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions...
Moderate
Unreviewed
CVE-2024-45097
was published
Sep 5, 2024
url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and...
Critical
Unreviewed
CVE-2024-38428
was published
Jun 16, 2024
A vulnerability in the activation of an access control list (ACL) on Cisco Adaptive Security...
Moderate
Unreviewed
CVE-2024-20293
was published
May 22, 2024
Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2023-39481
was published
May 3, 2024
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents...
Moderate
Unreviewed
CVE-2024-3386
was published
Apr 10, 2024
The console may experience a service interruption when processing file names with invalid...
Low
Unreviewed
CVE-2023-45715
was published
Mar 28, 2024
When a protocol selection parameter option disables all protocols without adding any then the...
Low
Unreviewed
CVE-2024-2004
was published
Mar 27, 2024
Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because of its use of MIME-tools, has an...
High
Unreviewed
CVE-2024-28054
was published
Mar 18, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses insecure HTTP methods which could allow a remote attacker to...
Moderate
Unreviewed
CVE-2023-50327
was published
Feb 2, 2024
The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or...
Moderate
Unreviewed
CVE-2023-48256
was published
Jan 10, 2024
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker...
High
Unreviewed
CVE-2023-40718
was published
Oct 10, 2023
The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted...
Moderate
Unreviewed
CVE-2023-29406
was published
Jul 11, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2023-32708
was published
Jul 6, 2023
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of...
High
Unreviewed
CVE-2022-48473
was published
Jun 16, 2023
There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of...
High
Unreviewed
CVE-2022-48471
was published
Jun 16, 2023
In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the...
Moderate
Unreviewed
CVE-2023-22998
was published
Feb 28, 2023
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful...
High
Unreviewed
CVE-2022-48230
was published
Feb 27, 2023
There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful...
High
Unreviewed
CVE-2022-48261
was published
Feb 27, 2023
A improper neutralization of crlf sequences in http headers ('http response splitting') in...
Moderate
Unreviewed
CVE-2022-42472
was published
Feb 16, 2023
In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed...
High
Unreviewed
CVE-2022-48279
was published
Jan 20, 2023
ProTip!
Advisories are also available from the
GraphQL API