Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

955 advisories

Loading
Open Redirect vulnerability in Hitachi Device Manager before 8.5.2-01 allows remote attackers to... Moderate Unreviewed
CVE-2017-9297 was published May 17, 2022
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC)... Moderate Unreviewed
CVE-2016-10316 was published May 17, 2022
Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote... Moderate Unreviewed
CVE-2015-9058 was published May 17, 2022
An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0.... Moderate Unreviewed
CVE-2016-8376 was published May 17, 2022
IBM BigFix Inventory v9 could allow a remote attacker to conduct phishing attacks, using an open... Moderate Unreviewed
CVE-2016-8961 was published May 17, 2022
The "Scheduler" function in Cybozu Garoon before 4.2.2 allows remote attackers to redirect users... Moderate Unreviewed
CVE-2016-1213 was published May 17, 2022
Best Practical Request Tracker (RT) before 5.0.3 has an Open Redirect via a ticket search. Moderate Unreviewed
CVE-2022-25803 was published Jul 15, 2022
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7... Moderate Unreviewed
CVE-2015-0697 was published May 17, 2022
cgiemail and cgiecho allow remote attackers to inject HTTP headers via a newline character in the... Moderate Unreviewed
CVE-2017-5615 was published May 17, 2022
Oils JS vulnerable to Open Redirect Moderate
CVE-2021-4260 was published for oils (npm) Dec 19, 2022
Characters from languages are such as Arabic, Hebrew are displayed from RTL (Right To Left) order... Moderate Unreviewed
CVE-2016-6908 was published May 17, 2022
An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.5.0. An attacker could... Moderate Unreviewed
CVE-2022-25799 was published Aug 17, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime... High Unreviewed
CVE-2016-6657 was published May 17, 2022
Open redirect vulnerability in Booked versions prior to 3.3 allows a remote unauthenticated... Moderate Unreviewed
CVE-2022-30706 was published Jul 27, 2022
IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity... Moderate Unreviewed
CVE-2016-3040 was published May 17, 2022
JSPUI's controlled vocabulary feature vulnerable to Open Redirect before v6.4 and v5.11 High
CVE-2022-31193 was published for org.dspace:dspace-jspui (Maven) Aug 6, 2022
Unauthenticated redirection to a malicious website Moderate Unreviewed
CVE-2022-27509 was published Jul 29, 2022
Open Redirect in Apache Superset Moderate
CVE-2021-28125 was published for apache-superset (pip) Oct 6, 2021
westonsteimel
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6... High Unreviewed
CVE-2016-0928 was published May 17, 2022
Open redirect vulnerability in the web portal in IBM Tealeaf Customer Experience before 8.7.1... Moderate Unreviewed
CVE-2016-5977 was published May 17, 2022
Open redirect vulnerability in IBM FileNet Workplace 4.0.2 through 4.0.2.14 IF001 allows remote... Moderate Unreviewed
CVE-2016-3047 was published May 17, 2022
Open redirect vulnerability in IBM FileNet Workplace 4.0.2 before 4.0.2.14 allows remote... Moderate Unreviewed
CVE-2016-5878 was published May 17, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that... High Unreviewed
CVE-2017-3085 was published May 13, 2022
When using the Performance API, an attacker was able to notice subtle differences between... Moderate Unreviewed
CVE-2022-36316 was published Dec 22, 2022
Even when an iframe was sandboxed with <code>allow-top-navigation-by-user-activation</code>, if... Moderate Unreviewed
CVE-2022-34474 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database