GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 86
GitHub Actions: 54
Go: 4,175
Maven: 5,000+
npm: 5,000+
NuGet: 1,019
pip: 5,000+
Pub: 13
RubyGems: 1,102
Rust: 1,421
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
28 advisories
Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not reject Groovy AST...
High | Unreviewed | CVE-2026-57281 was published Jun 24, 2026
The 'clientId' parameter from incoming HTTP requests is directly concatenated into OAuth2 server...
High | Unreviewed | CVE-2026-50629 was published Jun 12, 2026
Metrics::Any::Adapter::Statsd versions before 0.04 for Perl does not protect against metric...
High | Unreviewed | CVE-2026-50637 was published Jun 10, 2026
In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output...
High | Unreviewed | CVE-2026-50292 was published Jun 4, 2026
Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and...
High | Unreviewed | CVE-2026-46741 was published Jun 4, 2026
Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from...
High | Unreviewed | CVE-2026-8788 was published May 18, 2026
Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and...
High | Unreviewed | CVE-2026-46720 was published May 17, 2026
Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint...
High | Unreviewed | CVE-2026-32993 was published May 14, 2026
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM...
High | Unreviewed | CVE-2026-5140 was published Apr 29, 2026
MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing...
High | Unreviewed | CVE-2026-6351 was published Apr 16, 2026
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution...
High | Unreviewed | CVE-2026-1714 was published Feb 18, 2026
A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute...
High | Unreviewed | CVE-2025-28357 was published Oct 1, 2025
Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server...
High | Unreviewed | CVE-2025-8715 was published Aug 14, 2025
A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1...
High | Unreviewed | CVE-2025-41376 was published Aug 1, 2025
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi...
High | Unreviewed | CVE-2025-6175 was published Jul 29, 2025
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-53693 was published Mar 7, 2025
An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-48868 was published Dec 6, 2024
A CRLF cross-site scripting vulnerability has been identified in certain configurations of the...
High | Unreviewed | CVE-2024-36459 was published Jun 14, 2024
A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high...
High | Unreviewed | CVE-2023-38551 was published May 31, 2024
The software does not neutralize or incorrectly neutralizes certain characters before the data is...
High | Unreviewed | CVE-2024-1226 was published Mar 12, 2024
A vulnerability in the SAML authentication process of Cisco Secure Client could allow an...
High | Unreviewed | CVE-2024-20337 was published Mar 6, 2024
Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when...
High | Unreviewed | CVE-2023-26130 was published May 30, 2023
cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).
High | Unreviewed | CVE-2016-10803 was published May 24, 2022
GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11...
High | Unreviewed | CVE-2018-19585 was published May 24, 2022
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed...
High | Unreviewed | CVE-2017-15400 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API