Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,070 advisories

Loading
Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect Moderate
CVE-2025-27888 was published for org.apache.druid:druid (Maven) Mar 20, 2025
An open redirect vulnerability in haotian-liu/llava version v1.2.0 (LLaVA-1.6) allows a remote... Moderate Unreviewed
CVE-2024-9308 was published Mar 20, 2025
Gradio Vulnerable to Open Redirect Moderate
CVE-2024-8021 was published for gradio (pip) Mar 20, 2025
BentoML Open Redirect vulnerability Moderate
CVE-2024-12760 was published for bentoml (pip) Mar 20, 2025
FastChat open redirect vulnerability Moderate
CVE-2024-10908 was published for fschat (pip) Mar 20, 2025
An open redirect vulnerability in automatic1111/stable-diffusion-webui version 1.10.0 allows a... Moderate Unreviewed
CVE-2024-11044 was published Mar 20, 2025
An open redirect vulnerability exists in binary-husky/gpt_academic version 3.83. The... Moderate Unreviewed
CVE-2024-10812 was published Mar 20, 2025
Dell NetWorker, 19.11.0.3 and below versions, contain(s) an Open Redirect Vulnerability in NMC.... Moderate Unreviewed
CVE-2025-21104 was published Mar 13, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Akshar Soft Solutions AS... Moderate Unreviewed
CVE-2025-28896 was published Mar 11, 2025
In Zucchetti Ad Hoc Infinity 2.4, an improper check on the m_cURL parameter allows an attacker to... High Unreviewed
CVE-2024-51321 was published Mar 11, 2025
Jenkins Open Redirect vulnerability Moderate
CVE-2025-27625 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 6, 2025
Websites redirecting to a non-HTTP scheme URL could allow a website address to be spoofed for a... Moderate Unreviewed
CVE-2025-27424 was published Mar 4, 2025
Malicious websites utilizing a server-side redirect to an internal error page could result in a... Moderate Unreviewed
CVE-2025-27426 was published Mar 4, 2025
CodeChecker open redirect when URL contains multiple slashes after the product name Moderate
CVE-2025-1300 was published for codechecker (pip) Mar 3, 2025
Discookie
Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw on the Tools page, exploitable by... Moderate Unreviewed
CVE-2024-54957 was published Feb 27, 2025
Better Auth allows bypassing the trustedOrigins Protection which leads to ATO Critical
GHSA-vp58-j275-797x was published for better-auth (npm) Feb 24, 2025
castilho101
Beter Auth has an Open Redirect via Scheme-Less Callback Parameter Moderate
CVE-2025-27143 was published for better-auth (npm) Feb 24, 2025
sumeet-darekar Shivaraj-Kolekar
The WPO365 | MICROSOFT 365 GRAPH MAILER plugin for WordPress is vulnerable to Open Redirect in... Moderate Unreviewed
CVE-2025-1488 was published Feb 24, 2025
The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and... High Unreviewed
CVE-2024-13888 was published Feb 20, 2025
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HAVELSAN Liman MYS allows... Moderate Unreviewed
CVE-2025-1269 was published Feb 18, 2025
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2025-21401 was published Feb 15, 2025
Dedecms 5.71sp1 and earlier is vulnerable to URL redirect. In the web application, a logic error... Moderate Unreviewed
CVE-2024-57241 was published Feb 12, 2025
A vulnerability has been identified in Teamcenter (All versions < V14.3.0.0). The SSO login... Moderate Unreviewed
CVE-2025-23363 was published Feb 11, 2025
Authentication bypass in @sap/approuter High
CVE-2025-24876 was published for @sap/approuter (npm) Feb 11, 2025
rosenblueh
The User Account and Authentication service (UAA) for SAP HANA extended application services,... High Unreviewed
CVE-2025-24868 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database