Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

208 advisories

Loading
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP... Critical Unreviewed
CVE-2022-22536 was published Feb 11, 2022
An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request... High Unreviewed
CVE-2022-45059 was published Nov 9, 2022
In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22... Critical Unreviewed
CVE-2022-22532 was published Feb 11, 2022
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a... Moderate Unreviewed
CVE-2019-0197 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2019-17559 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2020-1944 was published May 24, 2022
There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8... High Unreviewed
CVE-2019-17565 was published May 24, 2022
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1... Moderate Unreviewed
CVE-2022-1705 was published Aug 11, 2022
AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can... High Unreviewed
CVE-2017-8894 was published May 17, 2022
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in... High Unreviewed
CVE-2022-26377 was published Jun 10, 2022
The parser in accepts requests with a space (SP) right after the header name before the colon.... Moderate Unreviewed
CVE-2021-22959 was published May 24, 2022
The parse function in llhttp < 2.1.4 and < 6.0.6. ignores chunk extensions when parsing the body... Moderate Unreviewed
CVE-2021-22960 was published May 24, 2022
Quarkus does not terminate HTTP requests header context Critical
CVE-2022-2466 was published for io.quarkus:quarkus-core-parent (Maven) Sep 1, 2022
Inconsistent Interpretation of HTTP Requests in twisted.web High
CVE-2022-24801 was published for twisted (pip) Apr 4, 2022
zeyu2001 twm
exarkun
Inconsistent Interpretation of HTTP Requests in Waitress High
CVE-2019-16792 was published for waitress (pip) May 24, 2022
Inconsistent Interpretation of HTTP Requests in Red Hat JBoss EAP High
CVE-2017-7561 was published for org.jboss.resteas:resteasy-jaxrs (Maven) May 13, 2022
An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall,... High Unreviewed
CVE-2018-4030 was published May 13, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2... High Unreviewed
CVE-2017-2850 was published May 13, 2022
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of... Moderate Unreviewed
CVE-2021-21966 was published Feb 17, 2022
HTTP Request Smuggling in waitress High
CVE-2022-24761 was published for waitress (pip) Mar 18, 2022
zeyu2001
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are... Critical Unreviewed
CVE-2022-22720 was published Mar 15, 2022
Async-h1 request smuggling possible with long unread bodies Moderate
CVE-2020-26281 was published for async-h1 (Rust) Oct 12, 2021
HTTP Request Smuggling in goliath High
CVE-2020-7671 was published for goliath (RubyGems) May 24, 2021
HTTP Request Smuggling in reel High
CVE-2020-7659 was published for reel (RubyGems) May 24, 2021
HTTP Request Smuggling in hyper Moderate
CVE-2021-21299 was published for hyper (Rust) Aug 25, 2021
ZeddYu
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database