GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,062 advisories
An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers...
Moderate • Unreviewed • CVE-2024-56963 was published Jan 27, 2025

An issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers...
Moderate • Unreviewed • CVE-2024-56957 was published Jan 27, 2025

An issue in Beijing Baidu Netcom Science & Technology Co Ltd Haokan Video iOS 7.70.0 allows...
Moderate • Unreviewed • CVE-2024-56954 was published Jan 27, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress. This...
Moderate • Unreviewed • CVE-2025-24740 was published Jan 27, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support. This...
Moderate • Unreviewed • CVE-2025-24741 was published Jan 27, 2025

A vulnerability has been found in JoeyBling bootplus up to...
Moderate • Unreviewed • CVE-2025-0705 was published Jan 24, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate • Unreviewed • CVE-2025-21512 was published Jan 21, 2025

WebOb's location header normalization during redirect leads to open redirect
Moderate • CVE-2024-42353 was published for webob (pip) Aug 14, 2024

On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site...
Moderate • Unreviewed • CVE-2025-23086 was published Jan 21, 2025

Flarum's logout Route allows open redirects
Moderate • CVE-2024-21641 was published for flarum/core (Composer) Jan 5, 2024

Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for...
Moderate • Unreviewed • CVE-2024-48463 was published Nov 4, 2024

TYPO3 Potential Open Redirect via Parsing Differences
Moderate • CVE-2024-55892 was published for typo3/cms-core (Composer) Jan 14, 2025

The login page of Venki Supravizio BPM up to 18.1.1 is vulnerable to open redirect leading to...
High • Unreviewed • CVE-2024-46481 was published Jan 13, 2025

DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6...
Moderate • Unreviewed • CVE-2024-22854 was published Feb 16, 2024

After downloading a Windows .url shortcut from the local filesystem, an attacker...
High • Unreviewed • CVE-2023-25734 was published Jun 2, 2023

GHSL-2024-288: SickChill open redirect in login
Low • CVE-2024-53995 was published for sickchill (pip) Jan 8, 2025

When redirecting to an invalid protocol scheme, an attacker could spoof the address bar. *Note:...
Moderate • Unreviewed • CVE-2025-0244 was published Jan 7, 2025

Better Auth has an Open Redirect Vulnerability in Verify Email Endpoint
High • CVE-2024-56734 was published for better-auth (npm) Dec 30, 2024

A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic....
Moderate • Unreviewed • CVE-2024-12990 was published Dec 27, 2024

keycloak-core: open redirect via "form_post.jwt" JARM response mode
Moderate • CVE-2023-6927 was published for org.keycloak:keycloak-core (Maven) Jan 23, 2024

Duplicate Advisory: Keycloak Open Redirect vulnerability
Moderate • GHSA-3p75-q5cc-qmj7 was published for org.keycloak:keycloak-parent (Maven) Dec 19, 2023 • withdrawn

Duplicate Advisory: Keycloak Open Redirect vulnerability
High • GHSA-vvf8-2h68-9475 was published for org.keycloak:keycloak-services (Maven) Sep 19, 2024 • withdrawn

Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect
Moderate • CVE-2024-8883 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024

IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote...
Moderate • Unreviewed • CVE-2024-45082 was published Dec 18, 2024

A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the...
Moderate • Unreviewed • CVE-2024-55452 was published Dec 17, 2024