GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the...
Moderate | Unreviewed | CVE-2025-56007 was published Oct 23, 2025

A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute...
High | Unreviewed | CVE-2025-28357 was published Oct 1, 2025

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server...
High | Unreviewed | CVE-2025-8715 was published Aug 14, 2025

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1...
High | Unreviewed | CVE-2025-41376 was published Aug 1, 2025

Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi...
High | Unreviewed | CVE-2025-6175 was published Jul 29, 2025

CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before...
Moderate | Unreviewed | CVE-2025-0293 was published Jul 8, 2025

An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF...
Moderate | Unreviewed | CVE-2024-51981 was published Jun 26, 2025

SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an...
Critical | Unreviewed | CVE-2025-40671 was published May 26, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-53693 was published Mar 7, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
Moderate | Unreviewed | CVE-2024-50405 was published Mar 7, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
Moderate | Unreviewed | CVE-2024-48867 was published Dec 6, 2024

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-48868 was published Dec 6, 2024

lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification...
Moderate | Unreviewed | CVE-2024-7472 was published Oct 29, 2024

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the...
High | Unreviewed | CVE-2024-36459 was published Jun 14, 2024

A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high...
High | Unreviewed | CVE-2023-38551 was published May 31, 2024

A vulnerability was found in Ritlabs TinyWeb Server 1.94. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-5193 was published May 22, 2024

The software does not neutralize or incorrectly neutralizes certain characters before the data is...
High | Unreviewed | CVE-2024-1226 was published Mar 12, 2024

A vulnerability in the SAML authentication process of Cisco Secure Client could allow an...
High | Unreviewed | CVE-2024-20337 was published Mar 6, 2024

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9...
Moderate | Unreviewed | CVE-2023-4767 was published Nov 3, 2023

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9...
Moderate | Unreviewed | CVE-2023-4768 was published Nov 3, 2023

All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user...
Moderate | Unreviewed | CVE-2023-26148 was published Sep 29, 2023

All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when...
Moderate | Unreviewed | CVE-2023-26138 was published Jul 6, 2023

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when...
High | Unreviewed | CVE-2023-26130 was published May 30, 2023

A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA)...
Moderate | Unreviewed | CVE-2020-3561 was published May 24, 2022

cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).
High | Unreviewed | CVE-2016-10803 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API