GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
656 advisories
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate
Unreviewed
CVE-2025-21512 was published Jan 21, 2025
On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site...
Moderate
Unreviewed
CVE-2025-23086 was published Jan 21, 2025
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for...
Moderate
Unreviewed
CVE-2024-48463 was published Nov 4, 2024
DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6...
Moderate
Unreviewed
CVE-2024-22854 was published Feb 16, 2024
When redirecting to an invalid protocol scheme, an attacker could spoof the address bar.
*Note:...
Moderate
Unreviewed
CVE-2025-0244 was published Jan 7, 2025
A vulnerability was found in ruifang-tech Rebuild 3.8.6. It has been classified as problematic....
Moderate
Unreviewed
CVE-2024-12990 was published Dec 27, 2024
IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote...
Moderate
Unreviewed
CVE-2024-45082 was published Dec 18, 2024
A URL redirection vulnerability exists in UJCMS 9.6.3 due to improper validation of URLs in the...
Moderate
Unreviewed
CVE-2024-55452 was published Dec 17, 2024
An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5...
Moderate
Unreviewed
CVE-2024-9387 was published Dec 12, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget...
Moderate
Unreviewed
CVE-2024-54255 was published Dec 9, 2024
Dell ECS, versions prior to 3.8.0, contain(s) a Host Header Injection Vulnerability. A remote low...
Moderate
Unreviewed
CVE-2024-38485 was published Dec 9, 2024
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
Moderate
Unreviewed
CVE-2024-21065 was published Apr 17, 2024
An Open Redirect vulnerability was found in osTicky2 below 2.2.8. osTicky (osTicket Bridge) by...
Moderate
Unreviewed
CVE-2024-21728 was published Feb 15, 2024
Inadequate parsing of URLs could result in an open redirect.
Moderate
Unreviewed
CVE-2024-21723 was published Feb 29, 2024
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)...
Moderate
Unreviewed
CVE-2020-3558 was published May 24, 2022
A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could...
Moderate
Unreviewed
CVE-2020-3311 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco ECE could allow an...
Moderate
Unreviewed
CVE-2022-20634 was published Nov 15, 2024
An open redirection vulnerability exists in pyload/pyload version 0.5.0. The vulnerability is due...
Moderate
Unreviewed
CVE-2024-1240 was published Nov 15, 2024
Open Redirect vulnerability in Corezoid Process Engine v6.5.0 allows attackers to redirect to...
Moderate
Unreviewed
CVE-2024-27592 was published Apr 11, 2024
A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this...
Moderate
Unreviewed
CVE-2024-11207 was published Nov 14, 2024
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper...
Moderate
Unreviewed
CVE-2024-25566 was published Oct 29, 2024
HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be...
Moderate
Unreviewed
CVE-2024-30140 was published Nov 7, 2024
Inadequate validation of URLs could result in an invalid check whether a redirect URL is...
Moderate
Unreviewed
CVE-2024-27184 was published Aug 20, 2024
URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8. If an attacker sends a...
Moderate
Unreviewed
CVE-2024-25559 was published Feb 15, 2024
PbootCMS 3.2.8 is vulnerable to URL Redirect.
Moderate
Unreviewed
CVE-2024-42930 was published Oct 28, 2024