GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
972 advisories
Filter by severity
WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers...
Moderate
Unreviewed
CVE-2024-8586
was published
Sep 9, 2024
Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Moderate
Unreviewed
CVE-2024-42341
was published
Sep 8, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 2.0. It has been...
Moderate
Unreviewed
CVE-2024-8555
was published
Sep 7, 2024
A vulnerability, which was classified as problematic, was found in LinuxOSsk Shakal-NG up to 1.3...
Moderate
Unreviewed
CVE-2024-8412
was published
Sep 4, 2024
If a site had been granted the permission to open popup windows, it could cause Select elements...
Moderate
Unreviewed
CVE-2024-8386
was published
Sep 3, 2024
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to...
Moderate
Unreviewed
CVE-2024-44776
was published
Aug 29, 2024
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote attacker to...
Moderate
Unreviewed
CVE-2024-35133
was published
Aug 29, 2024
An HTTP parameter may contain a URL value and could cause
the web application to redirect the...
Moderate
Unreviewed
CVE-2024-7941
was published
Aug 27, 2024
There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in...
Moderate
Unreviewed
CVE-2024-39097
was published
Aug 26, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node...
Moderate
Unreviewed
CVE-2024-7428
was published
Aug 23, 2024
Inadequate validation of URLs could result into an invalid check whether an redirect URL is...
Unknown
Unreviewed
CVE-2024-27184
was published
Aug 20, 2024
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in...
High
Unreviewed
CVE-2024-6379
was published
Aug 20, 2024
A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE...
High
Unreviewed
CVE-2024-6377
was published
Aug 20, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Easy PayPal...
Moderate
Unreviewed
CVE-2024-43236
was published
Aug 19, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon...
Moderate
Unreviewed
CVE-2024-43280
was published
Aug 19, 2024
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by...
Moderate
Unreviewed
CVE-2024-7902
was published
Aug 18, 2024
WebOb's location header normalization during redirect leads to open redirect
Moderate
CVE-2024-42353
was published
for
webob
(pip)
Aug 14, 2024
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
High
Unreviewed
CVE-2024-38211
was published
Aug 13, 2024
lorawan-stack Open Redirect vulnerability
Moderate
CVE-2023-26494
was published
for
go.thethings.network/lorawan-stack/v3
(Go)
Aug 5, 2024
The Identity Server used by 1E Platform could enable URL redirection to untrusted sites.
Note:...
Moderate
Unreviewed
CVE-2024-7211
was published
Aug 1, 2024
MobSF vulnerable to Open Redirect in Login Redirect
Moderate
CVE-2024-41955
was published
for
mobsf
(pip)
Jul 31, 2024
IdentityServer Open Redirect vulnerability
Moderate
GHSA-55p7-v223-x366
was published
for
IdentityServer4
(NuGet)
Jul 31, 2024
IdentityServer Open Redirect vulnerability
Moderate
CVE-2024-39694
was published
for
Duende.IdentityServer
(NuGet)
Jul 31, 2024
A vulnerability in the web-based management interface of Cisco Expressway Series could allow an...
Moderate
Unreviewed
CVE-2024-20400
was published
Jul 17, 2024
The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page...
Moderate
Unreviewed
CVE-2024-6289
was published
Jul 15, 2024
ProTip!
Advisories are also available from the
GraphQL API