Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

686 advisories

Loading
Unvalidated redirects Moderate Unreviewed
CVE-2021-35206 was published Jun 23, 2021
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed
CVE-2021-38000 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection... Moderate Unreviewed
CVE-2021-36332 was published Nov 24, 2021
An open redirect through HTML injection in confidential messages in Cryptshare before 5.1.0... Moderate Unreviewed
CVE-2021-42564 was published Dec 1, 2021
The 'Copy Image Link' context menu action would copy the final image URL after redirects. By... Moderate Unreviewed
CVE-2021-43532 was published Dec 9, 2021
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4... Moderate Unreviewed
CVE-2021-43064 was published Dec 9, 2021
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and... Moderate Unreviewed
CVE-2021-36191 was published Dec 9, 2021
openwhyd is vulnerable to URL Redirection to Untrusted Site Moderate Unreviewed
CVE-2021-3829 was published Dec 11, 2021
An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers... Moderate Unreviewed
CVE-2020-18985 was published Dec 17, 2021
TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the... Moderate Unreviewed
CVE-2021-40852 was published Dec 18, 2021
Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession... Moderate Unreviewed
CVE-2021-20875 was published Dec 25, 2021
An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If... Moderate Unreviewed
CVE-2021-38678 was published Jan 15, 2022
The AnyComment WordPress plugin through 0.2.17 has an API endpoint which passes user input via... Moderate Unreviewed
CVE-2021-24838 was published Jan 18, 2022
The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which... Moderate Unreviewed
CVE-2021-25074 was published Jan 25, 2022
The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to... Moderate Unreviewed
CVE-2021-25028 was published Jan 25, 2022
Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs. Moderate Unreviewed
CVE-2022-22919 was published Jan 31, 2022
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to... Moderate Unreviewed
CVE-2022-23184 was published Feb 8, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0).... Moderate Unreviewed
CVE-2022-23102 was published Feb 10, 2022
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote... Moderate Unreviewed
CVE-2021-45408 was published Feb 10, 2022
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter... Moderate Unreviewed
CVE-2021-25033 was published Feb 15, 2022
A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s):... Moderate Unreviewed
CVE-2021-29217 was published Feb 25, 2022
In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible. Moderate Unreviewed
CVE-2022-24330 was published Feb 26, 2022
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. It... Moderate Unreviewed
CVE-2022-26158 was published Mar 1, 2022
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3.... Moderate Unreviewed
CVE-2022-26156 was published Mar 1, 2022
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL... Moderate Unreviewed
CVE-2021-46379 was published Mar 5, 2022
ProTip! Advisories are also available from the GraphQL API