Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2... Moderate Unreviewed
CVE-2017-2111 was published May 17, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a home/seos... Moderate Unreviewed
CVE-2017-8791 was published May 17, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. There is a CRLF... Moderate Unreviewed
CVE-2017-8788 was published May 17, 2022
CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote... Moderate Unreviewed
CVE-2017-5868 was published May 17, 2022
CRLF injection vulnerability in the url_parse function in url.c in Wget through 1.19.1 allows... Moderate Unreviewed
CVE-2017-6508 was published May 17, 2022
CRLF injection vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband... Moderate Unreviewed
CVE-2014-9564 was published May 17, 2022
CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header vulnerability. Moderate Unreviewed
CVE-2017-14037 was published May 17, 2022
Improper Neutralization of CRLF Sequences in Wildfly Undertow Moderate
CVE-2016-4993 was published for org.wildfly:wildfly-undertow (Maven) May 17, 2022
CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4... Moderate Unreviewed
CVE-2014-2017 was published May 14, 2022
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed... High Unreviewed
CVE-2017-15400 was published May 14, 2022
Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a... Moderate Unreviewed
CVE-2015-9096 was published May 14, 2022
CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote... Moderate Unreviewed
CVE-2016-6484 was published May 14, 2022
CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote... Moderate Unreviewed
CVE-2016-5331 was published May 14, 2022
Buildbot CRLF Injection Moderate
CVE-2019-7313 was published for buildbot (pip) May 14, 2022
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options. High Unreviewed
CVE-2019-10678 was published May 14, 2022
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF... Moderate Unreviewed
CVE-2017-7528 was published May 13, 2022
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote... High Unreviewed
CVE-2018-12477 was published May 13, 2022
Kallithea CRLF injection vulnerability High
CVE-2015-5285 was published for kallithea (pip) May 13, 2022
Moodle CRLF Injection Vulnerability in Calendar Component Moderate
CVE-2011-4203 was published for moodle/moodle (Composer) May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through... Moderate Unreviewed
CVE-2019-9947 was published May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through... Moderate Unreviewed
CVE-2019-9740 was published May 13, 2022
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker... Moderate Unreviewed
CVE-2019-9741 was published May 13, 2022
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir.... Moderate Unreviewed
CVE-2016-4975 was published May 13, 2022
Improper Neutralization of CRLF Sequences in urllib3 library for Python Moderate
CVE-2019-11236 was published for urllib3 (pip) May 13, 2022
CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens... Moderate Unreviewed
CVE-2014-9563 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database