GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,014
Maven
5,000+
npm
3,721
NuGet
662
pip
3,393
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
45 advisories
Filter by severity
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter...
High
Unreviewed
CVE-2022-0165
was published
Mar 15, 2022
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access...
High
Unreviewed
CVE-2005-1475
was published
May 1, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that...
High
Unreviewed
CVE-2017-3085
was published
May 13, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection...
High
Unreviewed
CVE-2018-1251
was published
May 13, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15...
High
Unreviewed
CVE-2018-13813
was published
May 13, 2022
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an...
High
Unreviewed
CVE-2017-1000117
was published
May 13, 2022
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using...
High
Unreviewed
CVE-2017-1156
was published
May 13, 2022
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet...
High
Unreviewed
CVE-2016-3174
was published
May 14, 2022
Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode...
High
Unreviewed
CVE-2018-1000504
was published
May 14, 2022
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the ...
High
Unreviewed
CVE-2016-9078
was published
May 14, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime...
High
Unreviewed
CVE-2016-6657
was published
May 17, 2022
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6...
High
Unreviewed
CVE-2016-0928
was published
May 17, 2022
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition...
High
Unreviewed
CVE-2019-6781
was published
May 24, 2022
When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check...
High
Unreviewed
CVE-2019-9140
was published
May 24, 2022
cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300).
High
Unreviewed
CVE-2017-18414
was published
May 24, 2022
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks,...
High
Unreviewed
CVE-2019-4538
was published
May 24, 2022
The digest generation function of NHIServiSignAdapter has not been verified for source file path,...
High
Unreviewed
CVE-2020-25846
was published
May 24, 2022
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to...
High
Unreviewed
CVE-2020-25845
was published
May 24, 2022
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no...
High
Unreviewed
CVE-2021-28861
was published
Aug 24, 2022
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use...
High
Unreviewed
CVE-2022-27547
was published
Aug 29, 2022
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,...
High
Unreviewed
CVE-2022-41204
was published
Oct 12, 2022
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
High
Unreviewed
CVE-2023-24892
was published
Mar 14, 2023
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-48358
was published
Mar 28, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,...
High
Unreviewed
CVE-2023-3922
was published
Sep 29, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability.
A malicious actor may...
High
Unreviewed
CVE-2023-20886
was published
Oct 31, 2023
ProTip!
Advisories are also available from the
GraphQL API