GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,056 advisories
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms...
Moderate | Unreviewed | CVE-2025-58006 was published Sep 22, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Pusula Communication...
Moderate | Unreviewed | CVE-2025-7702 was published Sep 19, 2025

Liferay Portal's System, Instance and Site Settings are vulnerable to Open Redirect
Moderate | CVE-2025-43795 was published for com.liferay:com.liferay.configuration.admin.web (Maven) Sep 12, 2025

A vulnerability has been found in Freshwork up to 1.2.3. This impacts an unknown function of the...
Moderate | Unreviewed | CVE-2025-10229 was published Sep 11, 2025

TYPO3 CMS has an open-redirect vulnerability
Moderate | CVE-2025-59013 was published for typo3/cms-core (Composer) Sep 9, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in GoodBarber GoodBarber. This...
Moderate | Unreviewed | CVE-2025-39523 was published Sep 9, 2025

A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to...
Moderate | Unreviewed | CVE-2025-20291 was published Sep 9, 2025

Google Sign-In for Rails allowed redirect to protocol-relative URI
Moderate | CVE-2025-58067 was published for google_sign_in (RubyGems) Aug 29, 2025

Google Sign-In for Rails allowed redirects to malformed URLs
Moderate | CVE-2025-57821 was published for google_sign_in (RubyGems) Aug 27, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Eric Teubert Podlove Podcast...
Moderate | Unreviewed | CVE-2025-58204 was published Aug 27, 2025

SelectZero SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect...
Moderate | Unreviewed | CVE-2025-52219 was published Aug 26, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Bunkerity Bunker Web on...
Moderate | Unreviewed | CVE-2025-8066 was published Aug 15, 2025

Liferay Portal allows open redirect in /c/portal/edit_info_item parameter redirect
Moderate | CVE-2025-43767 was published for com.liferay:com.liferay.info.impl (Maven) Aug 23, 2025

An open redirect vulnerability in Reolink v4.54.0.4.20250526 allows attackers to redirect users...
Moderate | Unreviewed | CVE-2025-55625 was published Aug 22, 2025

An intent redirection vulnerability in Reolink v4.54.0.4.20250526 allows unauthorized attackers...
Moderate | Unreviewed | CVE-2025-55624 was published Aug 22, 2025

Focus for iOS would not respect a Content-Disposition header of type Attachment and would...
Moderate | Unreviewed | CVE-2025-55032 was published Aug 19, 2025

The mirror-registry doesn't properly sanitize the host header HTTP header in HTTP request...
Moderate | Unreviewed | CVE-2025-7777 was published Aug 20, 2025

The URL scheme used by Firefox to facilitate searching of text queries could incorrectly allow...
Moderate | Unreviewed | CVE-2025-54144 was published Aug 19, 2025

URL redirection to untrusted site ('Open Redirect') issue exists in Movable Type. If this...
Moderate | Unreviewed | CVE-2025-55706 was published Aug 20, 2025

A flaw has been found in TOTVS Portal Meu RH up to 12.1.17. Impacted is an unknown function of...
Moderate | Unreviewed | CVE-2025-9193 was published Aug 20, 2025

@astrojs/node's trailing slash handling causes open redirect issue
Moderate | CVE-2025-55207 was published for @astrojs/node (npm) Aug 15, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Connector for...
Moderate | Unreviewed | CVE-2025-54681 was published Aug 14, 2025

svg-sanitizer Bypasses Attribute Sanitization
Moderate | CVE-2025-55166 was published for enshrined/svg-sanitize (Composer) Aug 12, 2025

The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to unauthorized...
Moderate | Unreviewed | CVE-2024-4445 was published May 14, 2024

A vulnerability has been found in atjiu pybbs up to 6.0.0 and classified as problematic. This...
Moderate | Unreviewed | CVE-2025-8813 was published Aug 10, 2025

ProTip! Advisories are also available from the GraphQL API.