Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
Unsafe handling of user-specified cookies in treq High
CVE-2022-23607 was published for treq (pip) Feb 1, 2022
glyph twm
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
Keycloak Open Redirect vulnerability High
CVE-2024-8883 was published for org.keycloak:keycloak-services (Maven) Sep 19, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100... High Unreviewed
CVE-2024-43683 was published Oct 4, 2024
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be... High Unreviewed
CVE-2024-22248 was published Apr 2, 2024
Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites... High Unreviewed
CVE-2024-2465 was published Mar 21, 2024
Drupal has open redirect vulnerability in the Overlay module High
CVE-2013-6389 was published for drupal/drupal (Composer) May 17, 2022
Rudloff
rdiffweb vulnerable to Open Redirect High
CVE-2022-4720 was published for rdiffweb (pip) Dec 27, 2022
URL Redirection to Untrusted Site ('Open Redirect') in Products.isurlinportal High
CVE-2021-32806 was published for Products.isurlinportal (pip) Aug 5, 2021
Plone Open Redirection vulnerability via next parameter High
CVE-2013-4200 was published for Plone (pip) May 14, 2022
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed
CVE-2023-3922 was published Sep 29, 2023
Open redirect via transitional IPv6 addresses on dual-stack networks High
CVE-2021-21392 was published for matrix-synapse (pip) Apr 13, 2021
mscherer
ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect... High Unreviewed
CVE-2024-46331 was published Sep 27, 2024
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45979 was published Sep 26, 2024
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45981 was published Sep 26, 2024
Open Redirect in httpie High
CVE-2019-10751 was published for httpie (pip) Aug 27, 2019
flask-oidc Open Redirect vulnerability High
CVE-2016-1000001 was published for flask-oidc (pip) May 17, 2022
Flask-AppBuilder Open Redirect vulnerability High
CVE-2021-32805 was published for Flask-AppBuilder (pip) Sep 8, 2021
The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to,... High Unreviewed
CVE-2024-8761 was published Sep 17, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara... High Unreviewed
CVE-2024-7312 was published Sep 11, 2024
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows... High Unreviewed
CVE-2024-28287 was published Apr 2, 2024
Spring Framework URL Parsing with Host Validation High
CVE-2024-22262 was published for org.springframework:spring-web (Maven) Apr 16, 2024
Spring Web vulnerable to Open Redirect or Server Side Request Forgery High
CVE-2024-22243 was published for org.springframework:spring-web (Maven) Feb 23, 2024
yoshizawa-masatoshi
A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE... High Unreviewed
CVE-2024-6377 was published Aug 20, 2024
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in... High Unreviewed
CVE-2024-6379 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database