GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
973 advisories
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow
Moderate
CVE-2023-6717 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote attacker to...
Moderate
Unreviewed
CVE-2024-35133 was published Aug 29, 2024
A DOM-based open redirection in the returnUrl parameter of INSTINCT UI Web Client 6.5.0 allows...
High
Unreviewed
CVE-2024-28287 was published Apr 2, 2024
Spring Framework URL Parsing with Host Validation
High
CVE-2024-22262 was published for org.springframework:spring-web (Maven) Apr 16, 2024
There is an Open Redirect vulnerability in Gnuboard v6.0.4 and below via the `url` parameter in...
Moderate
Unreviewed
CVE-2024-39097 was published Aug 26, 2024
An HTTP parameter may contain a URL value and could cause the web application to redirect the...
Moderate
Unreviewed
CVE-2024-7941 was published Aug 27, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node...
Moderate
Unreviewed
CVE-2024-7428 was published Aug 23, 2024
An open redirect in the Login/Logout functionality of web management in AVSystem Unified...
Moderate
Unreviewed
CVE-2024-25657 was published Mar 18, 2024
Spring Web vulnerable to Open Redirect or Server Side Request Forgery
High
CVE-2024-22243 was published for org.springframework:spring-web (Maven) Feb 23, 2024
In WordPress before 5.2.3, validation and sanitization of a URL in wp_validate_redirect in wp...
Moderate
Unreviewed
CVE-2019-16220 was published May 24, 2022
A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE...
High
Unreviewed
CVE-2024-6377 was published Aug 20, 2024
An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in...
High
Unreviewed
CVE-2024-6379 was published Aug 20, 2024
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition...
High
Unreviewed
CVE-2019-6781 was published May 24, 2022
Inadequate validation of URLs could result into an invalid check whether an redirect URL is...
Unknown
Unreviewed
CVE-2024-27184 was published Aug 20, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon...
Moderate
Unreviewed
CVE-2024-43280 was published Aug 19, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Scott Paterson Easy PayPal...
Moderate
Unreviewed
CVE-2024-43236 was published Aug 19, 2024
A vulnerability was found in pkp ojs up to 3.4.0-6 and classified as problematic. Affected by...
Moderate
Unreviewed
CVE-2024-7902 was published Aug 18, 2024
DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6...
Moderate
Unreviewed
CVE-2024-22854 was published Feb 16, 2024
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
High
Unreviewed
CVE-2024-38211 was published Aug 13, 2024
WebOb's location header normalization during redirect leads to open redirect
Moderate
CVE-2024-42353 was published for webob (pip) Aug 14, 2024
Khoj Open Redirect Vulnerability in Login Page
Moderate
GHSA-564j-v29w-rqr6 was published for khoj-assistant (pip) Jul 8, 2024
The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions.
Moderate
Unreviewed
CVE-2024-4882 was published Jul 8, 2024
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before...
Moderate
Unreviewed
CVE-2024-0953 was published Feb 5, 2024
lorawan-stack Open Redirect vulnerability
Moderate
CVE-2023-26494 was published for go.thethings.network/lorawan-stack/v3 (Go) Aug 5, 2024
MobSF vulnerable to Open Redirect in Login Redirect
Moderate
CVE-2024-41955 was published for mobsf (pip) Jul 31, 2024