GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
45 advisories
Filter by severity
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100...
High
Unreviewed
CVE-2024-43683
was published
Oct 4, 2024
ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect...
High
Unreviewed
CVE-2024-46331
was published
Sep 27, 2024
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the...
High
Unreviewed
CVE-2024-45981
was published
Sep 26, 2024
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the...
High
Unreviewed
CVE-2024-45979
was published
Sep 26, 2024
The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to,...
High
Unreviewed
CVE-2024-8761
was published
Sep 17, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara...
High
Unreviewed
CVE-2024-7312
was published
Sep 11, 2024
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in...
High
Unreviewed
CVE-2024-6379
was published
Aug 20, 2024
A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE...
High
Unreviewed
CVE-2024-6377
was published
Aug 20, 2024
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
High
Unreviewed
CVE-2024-38211
was published
Aug 13, 2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all...
High
Unreviewed
CVE-2024-3597
was published
Jun 20, 2024
When a network error occurred during page load, the prior content could have remained in view...
High
Unreviewed
CVE-2024-4773
was published
May 14, 2024
An issue in Wifire Hotspot v.4.5.3 allows a local attacker to execute arbitrary code via a...
High
Unreviewed
CVE-2024-26504
was published
May 1, 2024
The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A...
High
Unreviewed
CVE-2024-28076
was published
Apr 18, 2024
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows...
High
Unreviewed
CVE-2024-28287
was published
Apr 2, 2024
VMware SD-WAN Orchestrator contains an open redirect vulnerability.
A malicious actor may be...
High
Unreviewed
CVE-2024-22248
was published
Apr 2, 2024
Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites...
High
Unreviewed
CVE-2024-2465
was published
Mar 21, 2024
A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could...
High
Unreviewed
CVE-2023-5629
was published
Dec 14, 2023
Unauthorized access vulnerability in the launcher module. Successful exploitation of this...
High
Unreviewed
CVE-2023-49240
was published
Dec 6, 2023
An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is...
High
Unreviewed
CVE-2023-49104
was published
Nov 22, 2023
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an...
High
Unreviewed
CVE-2023-5986
was published
Nov 15, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability.
A malicious actor may...
High
Unreviewed
CVE-2023-20886
was published
Oct 31, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,...
High
Unreviewed
CVE-2023-3922
was published
Sep 29, 2023
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-48358
was published
Mar 28, 2023
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
High
Unreviewed
CVE-2023-24892
was published
Mar 14, 2023
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,...
High
Unreviewed
CVE-2022-41204
was published
Oct 12, 2022
ProTip!
Advisories are also available from the
GraphQL API