GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
988 advisories
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect...
Moderate, Unreviewed. CVE-2017-1000027 was published on May 17, 2022
IBM Emptoris Sourcing 9.5.x through 10.1.x could allow a remote attacker to conduct phishing...
Moderate, Unreviewed. CVE-2016-8947 was published on May 17, 2022
An issue was discovered in u5cms version 8.3.5. There is a URL redirection vulnerability that can...
Moderate, Unreviewed. CVE-2022-32444 was published on Jun 18, 2022
XOOPS Core 2.5.8 has a stored URL redirect bypass vulnerability in /modules/profile/index.php...
Moderate, Unreviewed. CVE-2017-12138 was published on May 17, 2022
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/#.php.
Moderate, Unreviewed. CVE-2017-11718 was published on May 17, 2022
Apache Helix UI vulnerable to Open Redirect
Moderate. CVE-2022-47500 was published for org.apache.helix:helix (Maven) on Dec 19, 2022
Server-side request forgery in Apache Dubbo
Moderate. CVE-2022-24969 was published for com.alibaba:dubbo (Maven) on Jun 10, 2022
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an...
Moderate, Unreviewed. CVE-2022-41258 was published on Nov 9, 2022
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended...
Moderate, Unreviewed. CVE-2020-1927 was published on May 24, 2022
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an...
Moderate, Unreviewed. CVE-2022-41208 was published on Nov 9, 2022
SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input...
Moderate, Unreviewed. CVE-2022-41260 was published on Nov 9, 2022
E-Series SANtricity OS Controller Software 11.x versions through 11.70.2 are vulnerable to host...
Moderate, Unreviewed. CVE-2022-23237 was published on Jun 3, 2022
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header
Moderate. CVE-2020-15129 was published for github.com/containous/traefik (Go) on Feb 11, 2022
The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable...
Moderate, Unreviewed. CVE-2016-1000110 was published on May 24, 2022
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to...
Moderate, Unreviewed. CVE-2022-23184 was published on Feb 8, 2022
Insufficient policy enforcement in service workers in Google Chrome prior to 74.0.3729.108...
Moderate, Unreviewed. CVE-2019-5823 was published on May 24, 2022
oauth2-server through 3.1.1 vulnerable to Open Redirect
High. CVE-2020-26938 was published for oauth2-server (npm) on Aug 30, 2022
Open redirect in ASP.NET Core
Moderate. CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) on May 24, 2022
Gophish before 0.12.0 vulnerable to Open Redirect
Moderate. CVE-2022-25295 was published for github.com/gophish/gophish (Go) on Sep 12, 2022
In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs in the login page via next HTTP...
Moderate, Unreviewed. CVE-2022-39814 was published on Sep 14, 2022
Open redirect in ASP.NET Core
High. CVE-2017-11879 was published for Microsoft.AspNetCore.All (NuGet) on May 14, 2022
The English WordPress Admin WordPress plugin before 1.5.2 does not validate the...
Moderate, Unreviewed. CVE-2021-25111 was published on Apr 26, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth
Moderate. CVE-2022-29214 was published for next-auth (npm) on May 24, 2022
NextAuth.js default redirect callback vulnerable to open redirects
Moderate. CVE-2022-24858 was published for next-auth (npm) on Apr 22, 2022
An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by...
Moderate, Unreviewed. CVE-2020-14118 was published on Apr 22, 2022
ProTip! Advisories are also available from the GraphQL API