GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
49 advisories
CRLF-injection in KeeneticOS before 4.3 at "/auth" API endpoint allows attackers to take over the...
Moderate | Unreviewed | CVE-2025-56007 was published Oct 23, 2025

lunary-ai/lunary v1.2.26 contains an email injection vulnerability in the Send email verification...
Moderate | Unreviewed | CVE-2024-7472 was published Oct 29, 2024

A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute...
High | Unreviewed | CVE-2025-28357 was published Oct 1, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-48868 was published Dec 6, 2024

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
Moderate | Unreviewed | CVE-2024-48867 was published Dec 6, 2024

A SQL injection vulnerability has been found in Gandia Integra Total of TESI from version 2.1...
High | Unreviewed | CVE-2025-41376 was published Aug 1, 2025

Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server...
High | Unreviewed | CVE-2025-8715 was published Aug 14, 2025

Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in DECE Software Geodi...
High | Unreviewed | CVE-2025-6175 was published Jul 29, 2025

CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before...
Moderate | Unreviewed | CVE-2025-0293 was published Jul 8, 2025

An unauthenticated attacker may perform a blind server side request forgery (SSRF), due to a CLRF...
Moderate | Unreviewed | CVE-2024-51981 was published Jun 26, 2025

A vulnerability was found in Ritlabs TinyWeb Server 1.94. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-5193 was published May 22, 2024

SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vulnerability allows an...
Critical | Unreviewed | CVE-2025-40671 was published May 26, 2025

CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote...
Moderate | Unreviewed | CVE-2017-5868 was published May 17, 2022

HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2...
Moderate | Unreviewed | CVE-2017-2111 was published May 17, 2022

A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high...
High | Unreviewed | CVE-2023-38551 was published May 31, 2024

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
Moderate | Unreviewed | CVE-2024-50405 was published Mar 7, 2025

An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported...
High | Unreviewed | CVE-2024-53693 was published Mar 7, 2025

Versions of the package yhirose/cpp-httplib before 0.12.4 are vulnerable to CRLF Injection when...
High | Unreviewed | CVE-2023-26130 was published May 30, 2023

A CRLF cross-site scripting vulnerability has been identified in certain configurations of the...
High | Unreviewed | CVE-2024-36459 was published Jun 14, 2024

An issue was discovered in Weaver e-cology 9.0. There is a CRLF Injection vulnerability via the ...
Moderate | Unreviewed | CVE-2019-10272 was published May 24, 2022

All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user...
Moderate | Unreviewed | CVE-2023-26148 was published Sep 29, 2023

All versions of the package drogonframework/drogon are vulnerable to CRLF Injection when...
Moderate | Unreviewed | CVE-2023-26138 was published Jul 6, 2023

cPanel before 57.9999.105 allows newline injection via LOC records (CPANEL-6923).
High | Unreviewed | CVE-2016-10803 was published May 24, 2022

Incorrect implementation in Content Security Policy in Google Chrome prior to 67.0.3396.79...
Moderate | Unreviewed | CVE-2018-6148 was published May 24, 2022

The software does not neutralize or incorrectly neutralizes certain characters before the data is...
High | Unreviewed | CVE-2024-1226 was published Mar 12, 2024
ProTip! Advisories are also available from the GraphQL API.