Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

638 advisories

Loading
Unvalidated redirects Moderate Unreviewed
CVE-2021-35206 was published Jun 23, 2021
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0... Moderate Unreviewed
CVE-2021-38000 was published Nov 24, 2021
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection... Moderate Unreviewed
CVE-2021-36332 was published Nov 24, 2021
An open redirect through HTML injection in confidential messages in Cryptshare before 5.1.0... Moderate Unreviewed
CVE-2021-42564 was published Dec 1, 2021
The 'Copy Image Link' context menu action would copy the final image URL after redirects. By... Moderate Unreviewed
CVE-2021-43532 was published Dec 9, 2021
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4... Moderate Unreviewed
CVE-2021-43064 was published Dec 9, 2021
A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and... Moderate Unreviewed
CVE-2021-36191 was published Dec 9, 2021
openwhyd is vulnerable to URL Redirection to Untrusted Site Moderate Unreviewed
CVE-2021-3829 was published Dec 11, 2021
An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers... Moderate Unreviewed
CVE-2020-18985 was published Dec 17, 2021
TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the... Moderate Unreviewed
CVE-2021-40852 was published Dec 18, 2021
Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession... Moderate Unreviewed
CVE-2021-20875 was published Dec 25, 2021
An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If... Moderate Unreviewed
CVE-2021-38678 was published Jan 15, 2022
The AnyComment WordPress plugin through 0.2.17 has an API endpoint which passes user input via... Moderate Unreviewed
CVE-2021-24838 was published Jan 18, 2022
The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which... Moderate Unreviewed
CVE-2021-25074 was published Jan 25, 2022
The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to... Moderate Unreviewed
CVE-2021-25028 was published Jan 25, 2022
Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs. Moderate Unreviewed
CVE-2022-22919 was published Jan 31, 2022
In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to... Moderate Unreviewed
CVE-2022-23184 was published Feb 8, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0).... Moderate Unreviewed
CVE-2022-23102 was published Feb 10, 2022
Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which llows remote... Moderate Unreviewed
CVE-2021-45408 was published Feb 10, 2022
The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter... Moderate Unreviewed
CVE-2021-25033 was published Feb 15, 2022
A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s):... Moderate Unreviewed
CVE-2021-29217 was published Feb 25, 2022
In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible. Moderate Unreviewed
CVE-2022-24330 was published Feb 26, 2022
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. It... Moderate Unreviewed
CVE-2022-26158 was published Mar 1, 2022
An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3.... Moderate Unreviewed
CVE-2022-26156 was published Mar 1, 2022
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through URL... Moderate Unreviewed
CVE-2021-46379 was published Mar 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database