Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,489
Maven
5,000+
npm
5,000+
NuGet
892
pip
4,745
Pub
13
RubyGems
1,033
Rust
1,228
Swift
53
Unreviewed advisories
All unreviewed
5,000+

1,348 advisories

Loading
URL Confusion When Scheme Not Supplied in medialize/uri.js Moderate
CVE-2022-1233 was published for urijs (npm) Apr 5, 2022
Open redirect in wwbn/avideo Moderate
CVE-2022-27463 was published for wwbn/avideo (Composer) Apr 6, 2022
OrangeHRM 4.10 is vulnerable to a Host header injection redirect via viewPersonalDetails endpoint. Moderate Unreviewed
CVE-2022-27110 was published Apr 7, 2022
OrangeHRM 4.10 suffers from a Referer header injection redirect vulnerability. Moderate Unreviewed
CVE-2022-27109 was published Apr 7, 2022
SAP NetWeaver ABAP Server and ABAP Platform - versions 740, 750, 787, allows an unauthenticated... Moderate Unreviewed
CVE-2022-28215 was published Apr 13, 2022
An open redirect vulnerability in Hubzilla before version 7.2 allows remote attackers to redirect... Moderate Unreviewed
CVE-2022-27256 was published Apr 14, 2022
An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG... Moderate Unreviewed
CVE-2020-25154 was published Apr 15, 2022
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository... Moderate Unreviewed
CVE-2022-0645 was published Apr 20, 2022
A URL redirection vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.9, 9.x prior... Moderate Unreviewed
CVE-2022-1254 was published Apr 21, 2022
Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open... Moderate Unreviewed
CVE-2022-1019 was published Apr 20, 2022
drupal6 version 6.16 has open redirection Moderate Unreviewed
CVE-2010-2471 was published Apr 21, 2022
It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher. Moderate Unreviewed
CVE-2010-4266 was published Apr 21, 2022
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by... Moderate Unreviewed
CVE-2020-14118 was published Apr 22, 2022
NextAuth.js default redirect callback vulnerable to open redirects Moderate
CVE-2022-24858 was published for next-auth (npm) Apr 22, 2022
rustyguts Credited to rustyguts
URL Redirection to Untrusted Site ('Open Redirect') in next-auth Moderate
CVE-2022-29214 was published for next-auth (npm) May 24, 2022
Ry0taK Credited to Ry0taK
The English WordPress Admin WordPress plugin before 1.5.2 does not validate the... Moderate Unreviewed
CVE-2021-25111 was published Apr 26, 2022
Open redirect in ASP.NET Core High
CVE-2017-11879 was published for Microsoft.AspNetCore.All (NuGet) May 14, 2022
In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP... Moderate Unreviewed
CVE-2022-39814 was published Sep 14, 2022
Gophish before 0.12.0 vulnerable to Open Redirect Moderate
CVE-2022-25295 was published for github.com/gophish/gophish (Go) Sep 12, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
oauth2-server through 3.1.1 vulnerable to Open Redirect High
CVE-2020-26938 was published for oauth2-server (npm) Aug 30, 2022
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108... Moderate Unreviewed
CVE-2019-5823 was published May 24, 2022
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to... Moderate Unreviewed
CVE-2022-23184 was published Feb 8, 2022
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable... Moderate Unreviewed
CVE-2016-1000110 was published May 24, 2022
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header Moderate
CVE-2020-15129 was published for github.com/containous/traefik (Go) Feb 11, 2022
avivdolev Credited to avivdolev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database