GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,120 advisories
An open redirection vulnerability exists in multiple WSO2 products due to improper validation of...
Moderate • Unreviewed • CVE-2024-1440 was published Jun 2, 2025

Mautic has an Open Redirect vulnerability on user unlock path.
Moderate • CVE-2025-5256 was published for mautic/core (Composer) May 28, 2025

ZITADEL Allows Account Takeover via Malicious X-Forwarded-Proto Header Injection
High • CVE-2025-48936 was published for github.com/zitadel/zitadel (Go) May 28, 2025

A vulnerability was found in Summer Pearl Group Vacation Rental Management Platform up to 1.0.1...
Moderate • Unreviewed • CVE-2025-5183 was published May 26, 2025

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
Moderate • Unreviewed • CVE-2025-23183 was published May 22, 2025

The Affiliate Sales in Google Analytics and other tools plugin for WordPress is vulnerable to...
Moderate • Unreviewed • CVE-2024-12561 was published May 21, 2025

In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
Moderate • Unreviewed • CVE-2025-47854 was published May 20, 2025

A vulnerability, which was classified as problematic, was found in kanwangzjm Funiture up to...
Moderate • Unreviewed • CVE-2025-4838 was published May 18, 2025

Flask-AppBuilder open redirect vulnerability using HTTP host injection
Moderate • CVE-2025-32962 was published for flask-appbuilder (pip) May 16, 2025

Open redirection vulnerability in IceWarp Mail Server affecting version 11.4.0. This...
Moderate • Unreviewed • CVE-2025-40630 was published May 16, 2025

The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java...
Moderate • Unreviewed • CVE-2025-30010 was published May 13, 2025

A vulnerability classified as problematic was found in Catalyst User Key Authentication Plugin...
Moderate • Unreviewed • CVE-2025-4513 was published May 10, 2025

Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Redirection to Untrusted Site...
Low • Unreviewed • CVE-2025-4132 was published May 8, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in formsintegrations...
Moderate • Unreviewed • CVE-2025-47644 was published May 7, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks Integration for...
Moderate • Unreviewed • CVE-2025-47455 was published May 7, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms...
Moderate • Unreviewed • CVE-2025-47454 was published May 7, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in CRM Perks WP Gravity Forms...
Moderate • Unreviewed • CVE-2025-47456 was published May 7, 2025

A vulnerability was found in fp2952 spring-cloud-base up to...
Moderate • Unreviewed • CVE-2025-4328 was published May 6, 2025

@misskey-dev/summaly Redirect Filter Bypass
Low • CVE-2025-46553 was published for @misskey-dev/summaly (npm) May 5, 2025

@cloudflare/workers-oauth-provider missing validation of redirect_uri on authorize endpoint
Moderate • CVE-2025-4143 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025

Duplicate Advisory: @cloudflare/workers-oauth-provider missing validation of redirect_uri on authorize endpoint
Moderate • GHSA-7cp4-jw97-3rc2 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025 • withdrawn

Websites directing users to long URLs that caused eliding to occur in the location view could...
Moderate • Unreviewed • CVE-2025-3859 was published Apr 30, 2025

org.xwiki.platform:xwiki-platform-wysiwyg-api Open Redirect vulnerability
Moderate • CVE-2025-32970 was published for org.xwiki.platform:xwiki-platform-wysiwyg-api (Maven) Apr 29, 2025

An open redirect vulnerability was reported in the FileZ client that could allow information...
Moderate • Unreviewed • CVE-2025-2068 was published Apr 25, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Heateor Support Sassy Social...
Moderate • Unreviewed • CVE-2025-39404 was published Apr 24, 2025