Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
22
Go
2,166
Maven
5,000+
npm
3,829
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,062 advisories

Loading
Jenkins affected by Open Redirect Vulnerability High
CVE-2016-3726 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jenkins affected by Open Redirect Vulnerability Low
CVE-2012-6073 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Dell NetWorker, 19.11.0.3 and below versions, contain(s) an Open Redirect Vulnerability in NMC.... Moderate Unreviewed
CVE-2025-21104 was published Mar 13, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akshar Soft Solutions AS... Moderate Unreviewed
CVE-2025-28896 was published Mar 11, 2025
Open redirect in web2py Moderate
CVE-2023-22432 was published for web2py (pip) Mar 6, 2023
Flask-AppBuilder Open Redirect vulnerability Moderate
CVE-2021-32805 was published for Flask-AppBuilder (pip) Sep 8, 2021
Jenkins Open Redirect vulnerability Moderate
CVE-2025-27625 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a... Moderate Unreviewed
CVE-2025-27424 was published Mar 4, 2025
Malicious websites utilizing a server-side redirect to an internal error page could result in a... Moderate Unreviewed
CVE-2025-27426 was published Mar 4, 2025
CodeChecker open redirect when URL contains multiple slashes after the product name Moderate
CVE-2025-1300 was published for codechecker (pip) Mar 3, 2025
Discookie
Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by... Moderate Unreviewed
CVE-2024-54957 was published Feb 27, 2025
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO Critical
GHSA-vp58-j275-797x was published for better-auth (npm) Feb 24, 2025
castilho101
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2023-24935 was published Apr 11, 2023
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability High Unreviewed
CVE-2023-24892 was published Mar 14, 2023
Beter Auth has an Open Redirect via Scheme-Less Callback Parameter Moderate
CVE-2025-27143 was published for better-auth (npm) Feb 24, 2025
sumeet-darekar Shivaraj-Kolekar
The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in... Moderate Unreviewed
CVE-2025-1488 was published Feb 24, 2025
The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and... High Unreviewed
CVE-2024-13888 was published Feb 20, 2025
smartbanner.js rel noopener vulnerability Low
CVE-2025-25300 was published for smartbanner.js (npm) Sep 13, 2019
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows... Moderate Unreviewed
CVE-2025-1269 was published Feb 18, 2025
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2025-21401 was published Feb 15, 2025
Dedecms 5.71sp1 and earlier is vulnerable to URL redirect. In the web application, a logic error... Moderate Unreviewed
CVE-2024-57241 was published Feb 12, 2025
Spring Web vulnerable to Open Redirect or Server Side Request Forgery High
CVE-2024-22243 was published for org.springframework:spring-web (Maven) Feb 23, 2024
yoshizawa-masatoshi
Spring Framework URL Parsing with Host Validation Vulnerability High
CVE-2024-22259 was published for org.springframework:spring-web (Maven) Mar 16, 2024
yoshizawa-masatoshi
Spring Framework URL Parsing with Host Validation High
CVE-2024-22262 was published for org.springframework:spring-web (Maven) Apr 16, 2024
Authentication bypass in @sap/approuter High
CVE-2025-24876 was published for @sap/approuter (npm) Feb 11, 2025
rosenblueh
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database