Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

899 advisories

Loading
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by... Unknown Unreviewed
CVE-2024-21728 was published Feb 15, 2024
Glewlwyd SSO server 2.x through 2.7.6 allows open redirection via redirect_uri. Moderate Unreviewed
CVE-2024-25715 was published Feb 11, 2024
An issue in the component /member/index/login of yzmcms v7.0 allows attackers to direct users to... Moderate Unreviewed
CVE-2024-24291 was published Feb 6, 2024
pyLoad open redirect vulnerability due to improper validation of the is_safe_url function Moderate
CVE-2024-24808 was published for pyload-ng (pip) Feb 5, 2024
isacaya
When a user scans a QR Code with the QR Code Scanner feature, the user is not prompted before... Moderate Unreviewed
CVE-2024-0953 was published Feb 5, 2024
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect... Moderate Unreviewed
CVE-2024-21794 was published Feb 2, 2024
The WordPress Toolbar WordPress plugin through 2.2.6 redirects to any URL via the "wptbto"... Moderate Unreviewed
CVE-2023-6389 was published Jan 29, 2024
URL redirection to untrusted site ('Open Redirect') vulnerability in file access component in... Moderate Unreviewed
CVE-2024-0854 was published Jan 24, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple... Low Unreviewed
CVE-2024-22308 was published Jan 24, 2024
keycloak-core: open redirect via "form_post.jwt" JARM response mode Moderate
GHSA-9vm7-v8wj-3fqw was published for org.keycloak:keycloak-core (Maven) Jan 23, 2024
PontusHanssen kasperkarlsson
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking... Moderate Unreviewed
CVE-2024-0781 was published Jan 22, 2024
Open redirect vulnerability in Access analysis CGI An-Analyzer released in 2023 December 31 and... Moderate Unreviewed
CVE-2024-22113 was published Jan 22, 2024
IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection,... Moderate Unreviewed
CVE-2023-50963 was published Jan 19, 2024
The T1 WordPress theme through 19.0 is vulnerable to unauthenticated open redirect with which any... Moderate Unreviewed
CVE-2023-3771 was published Jan 16, 2024
Open Redirect vulnerability in FireEye HXTool affecting version 4.6, the exploitation of which... Moderate Unreviewed
CVE-2024-0319 was published Jan 15, 2024
A vulnerability classified as problematic was found in CodeCanyon RISE Rise Ultimate Project... Moderate Unreviewed
CVE-2024-0545 was published Jan 15, 2024
Zentao versions 4.1.3 and before has a URL redirect vulnerability, which prevents the system from... Moderate Unreviewed
CVE-2023-49394 was published Jan 10, 2024
SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a... Low Unreviewed
CVE-2024-21734 was published Jan 9, 2024
Lack of "current" GET parameter validation during the action of changing a language leads to an... Moderate Unreviewed
CVE-2023-6552 was published Jan 8, 2024
Flarum's logout Route allows open redirects Low
CVE-2024-21641 was published for flarum/core (Composer) Jan 5, 2024
imorland DavideIadeluca
HCL DRYiCE MyXalytics is impacted by an Open Redirect vulnerability which could allow an attacker... Low Unreviewed
CVE-2023-50345 was published Jan 3, 2024
Follow Redirects improperly handles URLs in the url.parse() function Moderate
CVE-2023-26159 was published for follow-redirects (npm) Jan 2, 2024
iainsproat
Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect... Moderate Unreviewed
CVE-2023-52263 was published Dec 30, 2023
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in AAM Advanced Access Manager ... Moderate Unreviewed
CVE-2023-51675 was published Dec 29, 2023
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CodePeople Calculated Fields... Moderate Unreviewed
CVE-2023-51517 was published Dec 29, 2023
ProTip! Advisories are also available from the GraphQL API