Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,008 advisories

Loading
GHSL-2024-288: SickChill open redirect in login Low
CVE-2024-53995 was published for sickchill (pip) Jan 8, 2025
When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note:... Moderate Unreviewed
CVE-2025-0244 was published Jan 7, 2025
Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint High
CVE-2024-56734 was published for better-auth (npm) Dec 30, 2024
jamesjulich
A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic.... Moderate Unreviewed
CVE-2024-12990 was published Dec 27, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote... Moderate Unreviewed
CVE-2024-45082 was published Dec 18, 2024
A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the... Moderate Unreviewed
CVE-2024-55452 was published Dec 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5... Moderate Unreviewed
CVE-2024-9387 was published Dec 12, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6... High Unreviewed
CVE-2024-11274 was published Dec 12, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted... Low Unreviewed
CVE-2024-54051 was published Dec 10, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted... Low Unreviewed
CVE-2024-54050 was published Dec 10, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget... Moderate Unreviewed
CVE-2024-54255 was published Dec 9, 2024
Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low... Moderate Unreviewed
CVE-2024-38485 was published Dec 9, 2024
BunkerWeb has Open Redirect Vulnerability in Loading Page Moderate
CVE-2024-53264 was published for github.com/bunkerity/bunkerweb (Go) Dec 2, 2024
adventure8812
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect Moderate
CVE-2024-52003 was published for github.com/traefik/traefik/v2 (Go) Dec 2, 2024
kunte0
A vulnerability in the web-based management interface of Cisco ECE could allow an... Moderate Unreviewed
CVE-2022-20634 was published Nov 15, 2024
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due... Moderate Unreviewed
CVE-2024-1240 was published Nov 15, 2024
A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this... Moderate Unreviewed
CVE-2024-11207 was published Nov 14, 2024
HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be... Moderate Unreviewed
CVE-2024-30140 was published Nov 7, 2024
Symfony vulnerable to open redirect via browser-sanitized URLs Low
CVE-2024-50345 was published for symfony/http-foundation (Composer) Nov 6, 2024
nicolas-grekas zer0yu
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for... Moderate Unreviewed
CVE-2024-48463 was published Nov 4, 2024
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper... Moderate Unreviewed
CVE-2024-25566 was published Oct 29, 2024
PbootCMS 3.2.8 is vulnerable to URL Redirect. Moderate Unreviewed
CVE-2024-42930 was published Oct 28, 2024
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') Moderate
GHSA-wcx9-ccpj-hx3c was published for github.com/coder/coder/v2 (Go) Oct 28, 2024
jchristov
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo... Moderate Unreviewed
CVE-2024-50463 was published Oct 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database