Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

38 advisories

Loading
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter... High Unreviewed
CVE-2022-0165 was published Mar 15, 2022
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,... High Unreviewed
CVE-2022-41204 was published Oct 12, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime... High Unreviewed
CVE-2016-6657 was published May 17, 2022
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6... High Unreviewed
CVE-2016-0928 was published May 17, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that... High Unreviewed
CVE-2017-3085 was published May 13, 2022
The digest generation function of NHIServiSignAdapter has not been verified for source file path,... High Unreviewed
CVE-2020-25846 was published May 24, 2022
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use... High Unreviewed
CVE-2022-27547 was published Aug 29, 2022
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to... High Unreviewed
CVE-2020-25845 was published May 24, 2022
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access... High Unreviewed
CVE-2005-1475 was published May 1, 2022
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks,... High Unreviewed
CVE-2019-4538 was published May 24, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection... High Unreviewed
CVE-2018-1251 was published May 13, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15... High Unreviewed
CVE-2018-13813 was published May 13, 2022
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an... High Unreviewed
CVE-2017-1000117 was published May 13, 2022
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using... High Unreviewed
CVE-2017-1156 was published May 13, 2022
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet... High Unreviewed
CVE-2016-3174 was published May 14, 2022
Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode... High Unreviewed
CVE-2018-1000504 was published May 14, 2022
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the ... High Unreviewed
CVE-2016-9078 was published May 14, 2022
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability High Unreviewed
CVE-2023-24892 was published Mar 14, 2023
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-48358 was published Mar 28, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may... High Unreviewed
CVE-2023-20886 was published Oct 31, 2023
A CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an... High Unreviewed
CVE-2023-5986 was published Nov 15, 2023
An issue was discovered in ownCloud owncloud/oauth2 before 0.6.1, when Allow Subdomains is... High Unreviewed
CVE-2023-49104 was published Nov 22, 2023
A CWE-601:URL Redirection to Untrusted Site (‘Open Redirect’) vulnerability exists that could... High Unreviewed
CVE-2023-5629 was published Dec 14, 2023
Unauthorized access vulnerability in the launcher module. Successful exploitation of this... High Unreviewed
CVE-2023-49240 was published Dec 6, 2023
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no... High Unreviewed
CVE-2021-28861 was published Aug 24, 2022
ProTip! Advisories are also available from the GraphQL API