GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
690 advisories
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to conduct phishing...
Moderate | Unreviewed | CVE-2018-1736 was published May 13, 2022
IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker...
Moderate | Unreviewed | CVE-2018-1875 was published May 13, 2022
IBM Cloud Private 3.1.1 could allow a remote attacker to conduct phishing attacks, using an open...
Moderate | Unreviewed | CVE-2018-1939 was published May 13, 2022
The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL...
Moderate | Unreviewed | CVE-2018-7674 was published May 13, 2022
Missing custom error page vulnerability in Synology Web Station before 2.1.3-0139 allows remote...
Moderate | Unreviewed | CVE-2018-8913 was published May 13, 2022
An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the...
Moderate | Unreviewed | CVE-2019-3912 was published May 13, 2022
Open redirect vulnerability in cgiemail and cgiecho allows remote attackers to redirect users to...
Moderate | Unreviewed | CVE-2017-5614 was published May 13, 2022
An open redirect in the Ninja Forms plugin before 3.3.19.1 for WordPress allows Remote Attackers...
Moderate | Unreviewed | CVE-2018-19796 was published May 13, 2022
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and...
Moderate | Unreviewed | CVE-2018-14366 was published May 13, 2022
Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote...
Moderate | Unreviewed | CVE-2017-2217 was published May 13, 2022
The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana...
Moderate | Unreviewed | CVE-2017-11482 was published May 13, 2022
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An...
Moderate | Unreviewed | CVE-2019-0540 was published May 13, 2022
The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login...
Moderate | Unreviewed | CVE-2018-20698 was published May 13, 2022
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013...
Moderate | Unreviewed | CVE-2018-0924 was published May 13, 2022
The fix in Kibana for ESA-2017-23 was incomplete. With X-Pack security enabled, Kibana versions...
Moderate | Unreviewed | CVE-2018-3819 was published May 13, 2022
Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an...
Moderate | Unreviewed | CVE-2016-10365 was published May 13, 2022
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the...
Moderate | Unreviewed | CVE-2017-8451 was published May 13, 2022
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open...
Moderate | Unreviewed | CVE-2018-1000671 was published May 13, 2022
Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3...
Moderate | Unreviewed | CVE-2016-10742 was published May 13, 2022
Unvalidated redirect vulnerability in NetIQ eDirectory before 9.1.1 HF1.
Moderate | Unreviewed | CVE-2018-7692 was published May 13, 2022
Jive before 2016.3.1 has an open redirect from the external-link.jspa page.
Moderate | Unreviewed | CVE-2016-4334 was published May 13, 2022
Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 prior to 6.7.2.1, ProxySG 6.5 prior to 6.5.10...
Moderate | Unreviewed | CVE-2016-9099 was published May 13, 2022
The OAuth authorization implementation in Pivotal Cloud Foundry (PCF) before 242; UAA 2.x before...
Moderate | Unreviewed | CVE-2016-6636 was published May 13, 2022
In Cloud Foundry router routing-release all versions prior to v0.163.0 and cf-release all...
Moderate | Unreviewed | CVE-2017-8047 was published May 13, 2022
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or...
Moderate | Unreviewed | CVE-2015-3190 was published May 13, 2022