Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,156
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

919 advisories

Loading
lorawan-stack Open Redirect vulnerability Moderate
CVE-2023-26494 was published for go.thethings.network/lorawan-stack/v3 (Go) Aug 5, 2024
MobSF vulnerable to Open Redirect in Login Redirect Moderate
CVE-2024-41955 was published for mobsf (pip) Jul 31, 2024
IdentityServer Open Redirect vulnerability Moderate
GHSA-55p7-v223-x366 was published for IdentityServer4 (NuGet) Jul 31, 2024
IdentityServer Open Redirect vulnerability Moderate
CVE-2024-39694 was published for Duende.IdentityServer (NuGet) Jul 31, 2024
A vulnerability in the web-based management interface of Cisco Expressway Series could allow an... Moderate Unreviewed
CVE-2024-20400 was published Jul 17, 2024
The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page... Moderate Unreviewed
CVE-2024-6289 was published Jul 15, 2024
Open redirect vulnerability allows a remote unauthenticated attacker to redirect users to... Moderate Unreviewed
CVE-2024-5492 was published Jul 10, 2024
An issue in Outline <= v0.76.1 allows attackers to redirect a victim user to a malicious site via... Moderate Unreviewed
CVE-2024-37830 was published Jul 9, 2024
The user may be redirected to an arbitrary site in Sitefinity 15.1.8321.0 and previous versions. Moderate Unreviewed
CVE-2024-4882 was published Jul 8, 2024
Khoj Open Redirect Vulnerability in Login Page Moderate
GHSA-564j-v29w-rqr6 was published for khoj-assistant (pip) Jul 8, 2024
davidxbors
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS... Low Unreviewed
CVE-2024-37234 was published Jul 6, 2024
An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper... Moderate Unreviewed
CVE-2024-5936 was published Jun 27, 2024
The Contact Form 7 WordPress plugin before 5.9.5 has an open redirect that allows an attacker to... Moderate Unreviewed
CVE-2024-4704 was published Jun 27, 2024
October System module has an Open Redirect for Administrator Accounts Low
CVE-2024-24764 was published for october/system (Composer) Jun 26, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Magarsus Consultancy SSO ... Moderate Unreviewed
CVE-2024-4604 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... Low Unreviewed
CVE-2024-37141 was published Jun 26, 2024
Open redirect in gradio Moderate
CVE-2024-4940 was published for gradio (pip) Jun 22, 2024
The Export WP Page to Static HTML/CSS plugin for WordPress is vulnerable to Open Redirect in all... High Unreviewed
CVE-2024-3597 was published Jun 20, 2024
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an... Moderate Unreviewed
CVE-2024-23442 was published Jun 14, 2024
Themify Builder WordPress plugin before 7.5.8 does not validate a parameter before redirecting... Moderate Unreviewed
CVE-2024-3032 was published Jun 13, 2024
@strapi/plugin-users-permissions leaks 3rd party authentication tokens and authentication bypass High
CVE-2024-34065 was published for @strapi/plugin-users-permissions (npm) Jun 12, 2024
Eventyret iarce-qb
derrickmehaffy innerdvations alexandrebodin
Zendframework Remote Address Spoofing Vector in `Zend\Http\PhpEnvironment\RemoteAddress` High
GHSA-xffp-6w68-4775 was published for zendframework/zendframework (Composer) Jun 7, 2024
A URL redirection to untrusted site ('open redirect') in Fortinet FortiAuthenticator version 6.6... Moderate Unreviewed
CVE-2024-23664 was published Jun 3, 2024
Open Redirect URL in Harbor Moderate
CVE-2024-22244 was published for github.com/goharbor/harbor (Go) Jun 2, 2024
silverstripe/framework BackURL validation bypass with malformed URLs High
GHSA-m5q3-mvcr-gc5m was published for silverstripe/framework (Composer) May 27, 2024
ProTip! Advisories are also available from the GraphQL API