GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,062 advisories
An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5...
Moderate | Unreviewed | CVE-2024-9387 was published Dec 12, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6...
High | Unreviewed | CVE-2024-11274 was published Dec 12, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted...
Low | Unreviewed | CVE-2024-54051 was published Dec 10, 2024
Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a URL Redirection to Untrusted...
Low | Unreviewed | CVE-2024-54050 was published Dec 10, 2024
Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low...
Moderate | Unreviewed | CVE-2024-38485 was published Dec 9, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget...
Moderate | Unreviewed | CVE-2024-54255 was published Dec 9, 2024
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
Moderate | Unreviewed | CVE-2024-21065 was published Apr 17, 2024
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by...
Moderate | Unreviewed | CVE-2024-21728 was published Feb 15, 2024
BunkerWeb has Open Redirect Vulnerability in Loading Page
Moderate | CVE-2024-53264 was published for github.com/bunkerity/bunkerweb (Go) Dec 2, 2024
Inadequate parsing of URLs could result into an open redirect.
Moderate | Unreviewed | CVE-2024-21723 was published Feb 29, 2024
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect
Moderate | CVE-2024-52003 was published for github.com/traefik/traefik/v2 (Go) Dec 2, 2024
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate | Unreviewed | CVE-2020-3558 was published May 24, 2022
A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could...
Moderate | Unreviewed | CVE-2020-3311 was published May 24, 2022
rdiffweb vulnerable to Open Redirect
Moderate | CVE-2022-3438 was published for rdiffweb (pip) Oct 10, 2022
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass
High | CVE-2024-34065 was published for @strapi/plugin-users-permissions (npm) Jun 12, 2024
Authorization Header forwarded on redirect
Moderate | CVE-2018-25091 was published for urllib3 (pip) Oct 15, 2023
Open redirect vulnerability in Jenkins OpenId Connect Authentication Plugin
Moderate | CVE-2023-50771 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023
A vulnerability in the web-based management interface of Cisco ECE could allow an...
Moderate | Unreviewed | CVE-2022-20634 was published Nov 15, 2024
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due...
Moderate | Unreviewed | CVE-2024-1240 was published Nov 15, 2024
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to...
Moderate | Unreviewed | CVE-2024-27592 was published Apr 11, 2024
A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this...
Moderate | Unreviewed | CVE-2024-11207 was published Nov 14, 2024
Unsafe handling of user-specified cookies in treq
High | CVE-2022-23607 was published for treq (pip) Feb 1, 2022