GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
67 advisories
Update bitlyshortener to >=0.5.0 to prevent generating some invalid short URLs
High | GHSA-r82c-j4mq-5xfw was published for bitlyshortener (pip) | Oct 27, 2020

Open Redirect in Liferay Portal
High | CVE-2020-24554 was published for com.liferay.portal:release.portal.bom (Maven) | May 7, 2021

Flask-AppBuilder Open Redirect vulnerability
High | CVE-2021-32805 was published for Flask-AppBuilder (pip) | Sep 8, 2021

Clearance Gem Open Redirect Vulnerability
High | CVE-2021-23435 was published for clearance (RubyGems) | Sep 13, 2021

DOS and Open Redirect with user input
High | CVE-2021-22964 was published for fastify-static (npm) | Oct 12, 2021

Open Redirect in OAuth2 Proxy
High | CVE-2020-11053 was published for github.com/oauth2-proxy/oauth2-proxy (Go) | Dec 20, 2021

node-fetch forwards secure headers to untrusted sites
High | CVE-2022-0235 was published for node-fetch (npm) | Jan 21, 2022

Server-Side Request Forgery and Open Redirect in AllTube Download
High | CVE-2022-24739 was published for rudloff/alltube (Composer) | Mar 9, 2022

The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter...
High | Unreviewed | CVE-2022-0165 was published | Mar 15, 2022

URL Redirection to Untrusted Site ('Open Redirect') in express-openid-connect
High | CVE-2022-24794 was published for express-openid-connect (npm) | Mar 31, 2022

HTTP Proxy header vulnerability
High | CVE-2016-5385 was published for amphp/artax (Composer) | Apr 7, 2022

The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access...
High | Unreviewed | CVE-2005-1475 was published | May 1, 2022

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that...
High | Unreviewed | CVE-2017-3085 was published | May 13, 2022

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection...
High | Unreviewed | CVE-2018-1251 was published | May 13, 2022

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15...
High | Unreviewed | CVE-2018-13813 was published | May 13, 2022

A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an...
High | Unreviewed | CVE-2017-1000117 was published | May 13, 2022

IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using...
High | Unreviewed | CVE-2017-1156 was published | May 13, 2022

An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet...
High | Unreviewed | CVE-2016-3174 was published | May 14, 2022

Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode...
High | Unreviewed | CVE-2018-1000504 was published | May 14, 2022

Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the ...
High | Unreviewed | CVE-2016-9078 was published | May 14, 2022

Open redirect in ASP.NET Core
High | CVE-2017-11879 was published for Microsoft.AspNetCore.All (NuGet) | May 14, 2022

flask-oidc Open Redirect vulnerability
High | CVE-2016-1000001 was published for flask-oidc (pip) | May 17, 2022

An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime...
High | Unreviewed | CVE-2016-6657 was published | May 17, 2022