Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

45 advisories

Loading
The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter... High Unreviewed
CVE-2022-0165 was published Mar 15, 2022
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access... High Unreviewed
CVE-2005-1475 was published May 1, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that... High Unreviewed
CVE-2017-3085 was published May 13, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection... High Unreviewed
CVE-2018-1251 was published May 13, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15... High Unreviewed
CVE-2018-13813 was published May 13, 2022
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an... High Unreviewed
CVE-2017-1000117 was published May 13, 2022
IBM WebSphere Portal 8.5 and 9.0 could allow a remote attacker to conduct phishing attacks, using... High Unreviewed
CVE-2017-1156 was published May 13, 2022
An issue was discovered in Open-Xchange OX AppSuite before 7.8.0-rev27. The "defer" servlet... High Unreviewed
CVE-2016-3174 was published May 14, 2022
Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode... High Unreviewed
CVE-2018-1000504 was published May 14, 2022
Redirection from an HTTP connection to a "data:" URL assigns the referring site's origin to the ... High Unreviewed
CVE-2016-9078 was published May 14, 2022
An open redirect vulnerability has been detected with some Pivotal Cloud Foundry Elastic Runtime... High Unreviewed
CVE-2016-6657 was published May 17, 2022
Multiple open redirect vulnerabilities in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6... High Unreviewed
CVE-2016-0928 was published May 17, 2022
An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition... High Unreviewed
CVE-2019-6781 was published May 24, 2022
When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earlier versions doesn't check... High Unreviewed
CVE-2019-9140 was published May 24, 2022
cPanel before 67.9999.103 allows an open redirect in /unprotected/redirect.html (SEC-300). High Unreviewed
CVE-2017-18414 was published May 24, 2022
IBM Security Directory Server 6.4.0 could allow a remote attacker to conduct phishing attacks,... High Unreviewed
CVE-2019-4538 was published May 24, 2022
The digest generation function of NHIServiSignAdapter has not been verified for source file path,... High Unreviewed
CVE-2020-25846 was published May 24, 2022
Multiple functions of NHIServiSignAdapter failed to verify the users’ file path, which leads to... High Unreviewed
CVE-2020-25845 was published May 24, 2022
Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no... High Unreviewed
CVE-2021-28861 was published Aug 24, 2022
HCL iNotes is susceptible to a link to non-existent domain vulnerability. An attacker could use... High Unreviewed
CVE-2022-27547 was published Aug 29, 2022
An attacker can change the content of an SAP Commerce - versions 1905, 2005, 2105, 2011, 2205,... High Unreviewed
CVE-2022-41204 was published Oct 12, 2022
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability High Unreviewed
CVE-2023-24892 was published Mar 14, 2023
The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this... High Unreviewed
CVE-2022-48358 was published Mar 28, 2023
An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8,... High Unreviewed
CVE-2023-3922 was published Sep 29, 2023
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may... High Unreviewed
CVE-2023-20886 was published Oct 31, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database