GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
78 advisories
Jetty vulnerable to cache poisoning due to inconsistent HTTP request handling (HTTP Request Smuggling)
High | CVE-2017-7656 was published for org.eclipse.jetty:jetty-server (Maven) | Oct 19, 2018

Parse Server before v3.4.1 vulnerable to Denial of Service
High | CVE-2019-1020012 was published for parse-server (npm) | Jun 13, 2019

HTTP Request Smuggling in Netty
High | CVE-2019-16869 was published for io.netty:netty-all (Maven) | Oct 11, 2019

HTTP Request Smuggling: LF vs CRLF handling in Waitress
High | CVE-2019-16785 was published for waitress (pip) | Dec 20, 2019

HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress
High | CVE-2019-16786 was published for waitress (pip) | Dec 20, 2019

HTTP Request Smuggling: Invalid whitespace characters in headers in Waitress
High | GHSA-m5ff-3wj3-8ph4 was published for waitress (pip) | Dec 26, 2019

HTTP Request Smuggling in Waitress: Invalid whitespace characters in headers (Follow-up)
High | CVE-2019-16789 was published for waitress (pip) | Jan 6, 2020

HTTP Request Smuggling in Netty
High | CVE-2020-7238 was published for io.netty:netty-handler (Maven) | Feb 21, 2020

HTTP Smuggling via Transfer-Encoding Header in Puma
High | CVE-2020-11076 was published for puma (RubyGems) | May 22, 2020

HTTP Request Smuggling in goliath
High | CVE-2020-7671 was published for goliath (RubyGems) | May 24, 2021

Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin
High | CVE-2020-28483 was published for github.com/gin-gonic/gin (Go) | Jun 23, 2021

HTTP Request Smuggling in actix-http
High | CVE-2021-38512 was published for actix-http (Rust) | Aug 25, 2021

An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55,...
High | Unreviewed | CVE-2021-41436 was published | Nov 20, 2021

HTTP Request Smuggling in github.com/hyperledger/fabric
High | CVE-2021-43669 was published for github.com/hyperledger/fabric (Go) | Dec 3, 2021

M-Files Web before 20.10.9524.1 allows a denial of service via overlapping ranges (in HTTP...
High | Unreviewed | CVE-2021-37253 was published | Dec 6, 2021

An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote...
High | Unreviewed | CVE-2021-41450 was published | Dec 9, 2021

An HTTP/1.1 misconfiguration in web interface of TP-Link AX10v1 before V1_211117 could allow an...
High | Unreviewed | CVE-2021-41451 was published | Dec 18, 2021

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High | Unreviewed | CVE-2021-34704 was published | Jan 12, 2022

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
High | Unreviewed | CVE-2021-1573 was published | Jan 12, 2022

Umbraco ApplicationURL Overwrite
High | CVE-2022-22690 was published for Umbraco.Cms.Core (NuGet) | Jan 21, 2022

Umbraco Persistent Password Reset Poison
High | CVE-2022-22691 was published for Umbraco.Cms.Core (NuGet) | Jan 21, 2022

An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. The HTTP request to trigger push...
High | Unreviewed | CVE-2021-42791 was published | Jan 29, 2022

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
High | Unreviewed | CVE-2021-23336 was published | Feb 8, 2022

An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows...
High | Unreviewed | CVE-2021-41442 was published | Feb 10, 2022