Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

973 advisories

Loading
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow Moderate
CVE-2023-6717 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote attacker to... Moderate Unreviewed
CVE-2024-35133 was published Aug 29, 2024
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows... High Unreviewed
CVE-2024-28287 was published Apr 2, 2024
Spring Framework URL Parsing with Host Validation High
CVE-2024-22262 was published for org.springframework:spring-web (Maven) Apr 16, 2024
There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in... Moderate Unreviewed
CVE-2024-39097 was published Aug 26, 2024
An HTTP parameter may contain a URL value and could cause the web application to redirect the... Moderate Unreviewed
CVE-2024-7941 was published Aug 27, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node... Moderate Unreviewed
CVE-2024-7428 was published Aug 23, 2024
An open redirect in the Login/Logout functionality of web management in AVSystem Unified... Moderate Unreviewed
CVE-2024-25657 was published Mar 18, 2024
Spring Web vulnerable to Open Redirect or Server Side Request Forgery High
CVE-2024-22243 was published for org.springframework:spring-web (Maven) Feb 23, 2024
yoshizawa-masatoshi
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp... Moderate Unreviewed
CVE-2019-16220 was published May 24, 2022
A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE... High Unreviewed
CVE-2024-6377 was published Aug 20, 2024
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in... High Unreviewed
CVE-2024-6379 was published Aug 20, 2024
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition... High Unreviewed
CVE-2019-6781 was published May 24, 2022
Inadequate validation of URLs could result into an invalid check whether an redirect URL is... Unknown Unreviewed
CVE-2024-27184 was published Aug 20, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon... Moderate Unreviewed
CVE-2024-43280 was published Aug 19, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Easy PayPal... Moderate Unreviewed
CVE-2024-43236 was published Aug 19, 2024
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2024-7902 was published Aug 18, 2024
DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6... Moderate Unreviewed
CVE-2024-22854 was published Feb 16, 2024
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability High Unreviewed
CVE-2024-38211 was published Aug 13, 2024
WebOb's location header normalization during redirect leads to open redirect Moderate
CVE-2024-42353 was published for webob (pip) Aug 14, 2024
Khoj Open Redirect Vulnerability in Login Page Moderate
GHSA-564j-v29w-rqr6 was published for khoj-assistant (pip) Jul 8, 2024
davidxbors
The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions. Moderate Unreviewed
CVE-2024-4882 was published Jul 8, 2024
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before... Moderate Unreviewed
CVE-2024-0953 was published Feb 5, 2024
lorawan-stack Open Redirect vulnerability Moderate
CVE-2023-26494 was published for go.thethings.network/lorawan-stack/v3 (Go) Aug 5, 2024
MobSF vulnerable to Open Redirect in Login Redirect Moderate
CVE-2024-41955 was published for mobsf (pip) Jul 31, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database