Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is... High Unreviewed
CVE-2023-49104 was published Nov 22, 2023
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an... High Unreviewed
CVE-2023-5986 was published Nov 15, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may... High Unreviewed
CVE-2023-20886 was published Oct 31, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed
CVE-2023-3922 was published Sep 29, 2023
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker... High Unreviewed
CVE-2023-25734 was published Jun 2, 2023
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-48358 was published Mar 28, 2023
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability High Unreviewed
CVE-2023-24892 was published Mar 14, 2023
rdiffweb vulnerable to Open Redirect High
CVE-2022-4720 was published for rdiffweb (pip) Dec 27, 2022
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,... High Unreviewed
CVE-2022-41204 was published Oct 12, 2022
oauth2-server through 3.1.1 vulnerable to Open Redirect High
CVE-2020-26938 was published for oauth2-server (npm) Aug 30, 2022
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use... High Unreviewed
CVE-2022-27547 was published Aug 29, 2022
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no... High Unreviewed
CVE-2021-28861 was published Aug 24, 2022
JSPUI's controlled vocabulary feature vulnerable to Open Redirect before v6.4 and v5.11 High
CVE-2022-31193 was published for org.dspace:dspace-jspui (Maven) Aug 6, 2022
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to... High Unreviewed
CVE-2020-25845 was published May 24, 2022
The digest generation function of NHIServiSignAdapter has not been verified for source file path,... High Unreviewed
CVE-2020-25846 was published May 24, 2022
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks,... High Unreviewed
CVE-2019-4538 was published May 24, 2022
cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300). High Unreviewed
CVE-2017-18414 was published May 24, 2022
When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check... High Unreviewed
CVE-2019-9140 was published May 24, 2022
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition... High Unreviewed
CVE-2019-6781 was published May 24, 2022
Drupal has open redirect vulnerability in the Overlay module High
CVE-2013-6389 was published for drupal/drupal (Composer) May 17, 2022
Rudloff
Credited to Rudloff
Drupal Open redirect vulnerability in the drupal_goto function High
CVE-2016-3167 was published for drupal/core (Composer) May 17, 2022
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6... High Unreviewed
CVE-2016-0928 was published May 17, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime... High Unreviewed
CVE-2016-6657 was published May 17, 2022
flask-oidc Open Redirect vulnerability High
CVE-2016-1000001 was published for flask-oidc (pip) May 17, 2022
Jenkins affected by Open Redirect Vulnerability High
CVE-2016-3726 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database