Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

59 advisories

Loading
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms... High Unreviewed
CVE-2025-60151 was published Oct 22, 2025
Account Takeover in Corezoid 6.6.0 in the OAuth2 implementation via an open redirect in the... High Unreviewed
CVE-2024-55017 was published Sep 30, 2025
A vulnerability in the Virtual Keyboard Video Monitor (vKVM) connection handling of Cisco... High Unreviewed
CVE-2025-20317 was published Aug 27, 2025
IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote attacker to conduct phishing... High Unreviewed
CVE-2025-2697 was published Aug 26, 2025
IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, 9.0.0.1, and 9.5.0 could allow a... High Unreviewed
CVE-2025-2824 was published Aug 1, 2025
The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due... High Unreviewed
CVE-2025-6238 was published Jul 4, 2025
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an... High Unreviewed
CVE-2017-1000117 was published May 13, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that... High Unreviewed
CVE-2017-3085 was published May 13, 2022
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access... High Unreviewed
CVE-2005-1475 was published May 1, 2022
The issue was addressed with improved input validation. This issue is fixed in Safari 18.4,... High Unreviewed
CVE-2025-24180 was published Apr 1, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an URL Redirection to Untrusted Site ('Open... High Unreviewed
CVE-2025-24381 was published Mar 28, 2025
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL parameter allows an attacker to... High Unreviewed
CVE-2024-51321 was published Mar 11, 2025
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability High Unreviewed
CVE-2023-24892 was published Mar 14, 2023
The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and... High Unreviewed
CVE-2024-13888 was published Feb 20, 2025
The User Account and Authentication service (UAA) for SAP HANA extended application services,... High Unreviewed
CVE-2025-24868 was published Feb 11, 2025
The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to... High Unreviewed
CVE-2024-46481 was published Jan 13, 2025
After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker... High Unreviewed
CVE-2023-25734 was published Jun 2, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6... High Unreviewed
CVE-2024-11274 was published Dec 12, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100... High Unreviewed
CVE-2024-43683 was published Oct 4, 2024
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be... High Unreviewed
CVE-2024-22248 was published Apr 2, 2024
Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites... High Unreviewed
CVE-2024-2465 was published Mar 21, 2024
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed
CVE-2023-3922 was published Sep 29, 2023
ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect... High Unreviewed
CVE-2024-46331 was published Sep 27, 2024
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45979 was published Sep 26, 2024
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45981 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database