Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

866 advisories

Loading
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository... Moderate Unreviewed
CVE-2022-0645 was published Apr 20, 2022
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior... Moderate Unreviewed
CVE-2022-1254 was published Apr 21, 2022
Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open... Moderate Unreviewed
CVE-2022-1019 was published Apr 20, 2022
drupal6 version 6.16 has open redirection Moderate Unreviewed
CVE-2010-2471 was published Apr 21, 2022
It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher. Moderate Unreviewed
CVE-2010-4266 was published Apr 21, 2022
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by... Moderate Unreviewed
CVE-2020-14118 was published Apr 22, 2022
NextAuth.js default redirect callback vulnerable to open redirects Moderate
CVE-2022-24858 was published for next-auth (npm) Apr 22, 2022
rustyguts
URL Redirection to Untrusted Site ('Open Redirect') in next-auth Moderate
CVE-2022-29214 was published for next-auth (npm) May 24, 2022
Ry0taK
The English WordPress Admin WordPress plugin before 1.5.2 does not validate the... Moderate Unreviewed
CVE-2021-25111 was published Apr 26, 2022
In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP... Moderate Unreviewed
CVE-2022-39814 was published Sep 14, 2022
Gophish before 0.12.0 vulnerable to Open Redirect Moderate
CVE-2022-25295 was published for github.com/gophish/gophish (Go) Sep 12, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108... Moderate Unreviewed
CVE-2019-5823 was published May 24, 2022
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to... Moderate Unreviewed
CVE-2022-23184 was published Feb 8, 2022
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable... Moderate Unreviewed
CVE-2016-1000110 was published May 24, 2022
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header Moderate
CVE-2020-15129 was published for github.com/containous/traefik (Go) Feb 11, 2022
avivdolev
E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host... Moderate Unreviewed
CVE-2022-23237 was published Jun 3, 2022
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an... Moderate Unreviewed
CVE-2022-41208 was published Nov 9, 2022
SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input... Moderate Unreviewed
CVE-2022-41260 was published Nov 9, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended... Moderate Unreviewed
CVE-2020-1927 was published May 24, 2022
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an... Moderate Unreviewed
CVE-2022-41258 was published Nov 9, 2022
Server-side request forgery in Apache Dubbo Moderate
CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
Apache Helix UI vulnerable to Open Redirect Moderate
CVE-2022-47500 was published for org.apache.helix:helix (Maven) Dec 19, 2022
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. Moderate Unreviewed
CVE-2017-11718 was published May 17, 2022
XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php... Moderate Unreviewed
CVE-2017-12138 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database