Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,040 advisories

Loading
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
Bruno before 1.29.1 uses Electron shell.openExternal without validation (of http or https) for... Moderate Unreviewed
CVE-2024-48463 was published Nov 4, 2024
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper... Moderate Unreviewed
CVE-2024-25566 was published Oct 29, 2024
PbootCMS 3.2.8 is vulnerable to URL Redirect. Moderate Unreviewed
CVE-2024-42930 was published Oct 28, 2024
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') Moderate
GHSA-wcx9-ccpj-hx3c was published for github.com/coder/coder/v2 (Go) Oct 28, 2024
jchristov
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo... Moderate Unreviewed
CVE-2024-50463 was published Oct 28, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple... Moderate Unreviewed
CVE-2024-49682 was published Oct 24, 2024
Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack... Moderate Unreviewed
CVE-2024-46326 was published Oct 21, 2024
Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect Moderate
CVE-2024-8883 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024
Chetven
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in QuomodoSoft ElementsReady... Moderate Unreviewed
CVE-2024-47353 was published Oct 11, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple... Moderate Unreviewed
CVE-2024-47354 was published Oct 10, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in EventPrime Events EventPrime... Moderate Unreviewed
CVE-2024-47648 was published Oct 10, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-43536 was published Oct 8, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability Moderate Unreviewed
CVE-2024-43543 was published Oct 8, 2024
The web server of affected devices does not properly validate input that is used for a user... Moderate Unreviewed
CVE-2024-46886 was published Oct 8, 2024
Sonarr – CWE-601: URL Redirection to Untrusted Site ('Open Redirect') Moderate Unreviewed
CVE-2024-45247 was published Oct 6, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payflex Payflex Payment... Moderate Unreviewed
CVE-2024-47646 was published Oct 5, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100... High Unreviewed
CVE-2024-43683 was published Oct 4, 2024
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 10.8.1 - 11.2 that may... Moderate Unreviewed
CVE-2024-8148 was published Oct 4, 2024
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may... Moderate Unreviewed
CVE-2024-38037 was published Oct 4, 2024
Express Open Redirect vulnerability Low
CVE-2024-9266 was published for express (npm) Oct 3, 2024
m3t3kh4n G-Rath
Eclipse Glassfish improperly handles http parameters Moderate
CVE-2024-9329 was published for org.glassfish.main.admin:rest-service (Maven) Sep 30, 2024
ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect... High Unreviewed
CVE-2024-46331 was published Sep 27, 2024
A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45981 was published Sep 26, 2024
A host header injection vulnerability in Lines Police CAD 1.0 allows attackers to obtain the... High Unreviewed
CVE-2024-45979 was published Sep 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database