GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
60 advisories
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter...
High
Unreviewed
CVE-2022-0165
was published
Mar 15, 2022
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,...
High
Unreviewed
CVE-2022-41204
was published
Oct 12, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime...
High
Unreviewed
CVE-2016-6657
was published
May 17, 2022
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6...
High
Unreviewed
CVE-2016-0928
was published
May 17, 2022
The digest generation function of NHIServiSignAdapter has not been verified for source file path,...
High
Unreviewed
CVE-2020-25846
was published
May 24, 2022
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use...
High
Unreviewed
CVE-2022-27547
was published
Aug 29, 2022
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to...
High
Unreviewed
CVE-2020-25845
was published
May 24, 2022
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks,...
High
Unreviewed
CVE-2019-4538
was published
May 24, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contain a URL Redirection...
High
Unreviewed
CVE-2018-1251
was published
May 13, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15...
High
Unreviewed
CVE-2018-13813
was published
May 13, 2022
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using...
High
Unreviewed
CVE-2017-1156
was published
May 13, 2022
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet...
High
Unreviewed
CVE-2016-3174
was published
May 14, 2022
Redirection version 2.7.3 contains an ACE via file inclusion vulnerability in Pass-through mode...
High
Unreviewed
CVE-2018-1000504
was published
May 14, 2022
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the ...
High
Unreviewed
CVE-2016-9078
was published
May 14, 2022
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-48358
was published
Mar 28, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may...
High
Unreviewed
CVE-2023-20886
was published
Oct 31, 2023
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an...
High
Unreviewed
CVE-2023-5986
was published
Nov 15, 2023
An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is...
High
Unreviewed
CVE-2023-49104
was published
Nov 22, 2023
A CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could...
High
Unreviewed
CVE-2023-5629
was published
Dec 14, 2023
Unauthorized access vulnerability in the launcher module. Successful exploitation of this...
High
Unreviewed
CVE-2023-49240
was published
Dec 6, 2023
When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check...
High
Unreviewed
CVE-2019-9140
was published
May 24, 2022
cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).
High
Unreviewed
CVE-2017-18414
was published
May 24, 2022
The SolarWinds Platform was susceptible to an Arbitrary Open Redirection Vulnerability. A...
High
Unreviewed
CVE-2024-28076
was published
Apr 18, 2024
An issue in Wifire Hotspot v.4.5.3 allows a local attacker to execute arbitrary code via a...
High
Unreviewed
CVE-2024-26504
was published
May 1, 2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all...
High
Unreviewed
CVE-2024-3597
was published
Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API.