Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,978
Maven
5,000+
npm
3,698
NuGet
656
pip
3,315
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

983 advisories

Loading
silverstripe/framework BackURL validation bypass with malformed URLs High
GHSA-m5q3-mvcr-gc5m was published for silverstripe/framework (Composer) May 27, 2024
Silverstripe External redirection risk in Security?ReturnURL Moderate
GHSA-vp8p-c6xj-xpj7 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe X-Forwarded-Host request hostname injection High
GHSA-25gq-jvx2-vg9x was published for silverstripe/framework (Composer) May 23, 2024
Umbraco CMS Open Redirect Bypass Protection Moderate
CVE-2024-34071 was published for Umbraco.Cms.Web.BackOffice (NuGet) May 21, 2024
0xRyuzak1
OroPlatform Forced Redirect to External Website Moderate
GHSA-3vhm-q4w3-rw8q was published for oro/platform (Composer) May 20, 2024
OroCRM Forced Redirect to External Website Moderate
GHSA-v8hp-239v-9367 was published for oro/crm (Composer) May 20, 2024
Drupal core Open Redirect vulnerability Moderate
GHSA-wxfg-253g-m7r4 was published for drupal/drupal (Composer) May 15, 2024
Drupal Anonymous Open Redirect Moderate
GHSA-x6v2-xmrq-574j was published for drupal/drupal (Composer) May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect Moderate
GHSA-r67r-42wx-c8r7 was published for drupal/drupal (Composer) May 15, 2024
Drupal core Open Redirect vulnerability Moderate
GHSA-6gf6-24h2-66j4 was published for drupal/core (Composer) May 15, 2024
Drupal Anonymous Open Redirect Moderate
GHSA-gfvf-2f25-f34r was published for drupal/core (Composer) May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect Moderate
GHSA-7f4f-p7mq-p4fv was published for drupal/core (Composer) May 15, 2024
A vulnerability in the web-based management interface of Cisco Crosswork Network Services... Moderate Unreviewed
CVE-2024-20369 was published May 15, 2024
When a network error occurred during page load, the prior content could have remained in view... High Unreviewed
CVE-2024-4773 was published May 14, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This... Moderate Unreviewed
CVE-2024-33930 was published May 2, 2024
An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs... Moderate Unreviewed
CVE-2024-25676 was published May 1, 2024
An issue in Wifire Hotspot v.4.5.3 allows a local attacker to execute arbitrary code via a... High Unreviewed
CVE-2024-26504 was published May 1, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video... Moderate Unreviewed
CVE-2024-33584 was published Apr 29, 2024
Portainer before 2.20.0 allows redirects when the target is not index.yaml. Critical Unreviewed
CVE-2024-33661 was published Apr 26, 2024
Privilege Escalation in Kubernetes Moderate
CVE-2020-8559 was published for k8s.io/apimachinery (Go) Apr 24, 2024
thejan2009 shanduur
wikkyk psilva-veeam hectorj2f PelagicGames
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer... Moderate Unreviewed
CVE-2024-32078 was published Apr 24, 2024
cg vulnerable to an Open Redirect Vulnerability on Referer Header Moderate
GHSA-w228-rfpx-fhm4 was published for cg (pip) Apr 23, 2024
aydinnyunus
The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A... High Unreviewed
CVE-2024-28076 was published Apr 18, 2024
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow Moderate
CVE-2023-6717 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Keycloak path traversal vulnerability in the redirect validation High
CVE-2024-2419 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database