GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,076
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
899 advisories
Filter by severity
An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper...
Moderate
Unreviewed
CVE-2024-5936
was published
Jun 27, 2024
October System module has an Open Redirect for Administrator Accounts
Low
CVE-2024-24764
was published
for
october/system
(Composer)
Jun 26, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO ...
Moderate
Unreviewed
CVE-2024-4604
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an...
Low
Unreviewed
CVE-2024-37141
was published
Jun 26, 2024
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an...
Moderate
Unreviewed
CVE-2024-23442
was published
Jun 14, 2024
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
High
CVE-2024-34065
was published
for
@strapi/plugin-users-permissions
(npm)
Jun 12, 2024
Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress`
High
GHSA-xffp-6w68-4775
was published
for
zendframework/zendframework
(Composer)
Jun 7, 2024
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6...
Moderate
Unreviewed
CVE-2024-23664
was published
Jun 3, 2024
Open Redirect URL in Harbor
Moderate
CVE-2024-22244
was published
for
github.com/goharbor/harbor
(Go)
Jun 2, 2024
silverstripe/framework BackURL validation bypass with malformed URLs
High
GHSA-m5q3-mvcr-gc5m
was published
for
silverstripe/framework
(Composer)
May 27, 2024
Silverstripe External redirection risk in Security?ReturnURL
Moderate
GHSA-vp8p-c6xj-xpj7
was published
for
silverstripe/framework
(Composer)
May 23, 2024
Silverstripe X-Forwarded-Host request hostname injection
High
GHSA-25gq-jvx2-vg9x
was published
for
silverstripe/framework
(Composer)
May 23, 2024
Umbraco CMS Open Redirect Bypass Protection
Moderate
CVE-2024-34071
was published
for
Umbraco.Cms.Web.BackOffice
(NuGet)
May 21, 2024
OroPlatform Forced Redirect to External Website
Moderate
GHSA-3vhm-q4w3-rw8q
was published
for
oro/platform
(Composer)
May 20, 2024
OroCRM Forced Redirect to External Website
Moderate
GHSA-v8hp-239v-9367
was published
for
oro/crm
(Composer)
May 20, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-wxfg-253g-m7r4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-x6v2-xmrq-574j
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-r67r-42wx-c8r7
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-6gf6-24h2-66j4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-gfvf-2f25-f34r
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-7f4f-p7mq-p4fv
was published
for
drupal/core
(Composer)
May 15, 2024
A vulnerability in the web-based management interface of Cisco Crosswork Network Services...
Moderate
Unreviewed
CVE-2024-20369
was published
May 15, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This...
Moderate
Unreviewed
CVE-2024-33930
was published
May 2, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video...
Moderate
Unreviewed
CVE-2024-33584
was published
Apr 29, 2024
ProTip!
Advisories are also available from the
GraphQL API