Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,080 advisories

Loading
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an... Unknown Unreviewed
CVE-2023-45195 was published Jun 25, 2024
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-5746 was published Jun 21, 2024
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed
CVE-2024-37818 was published Jun 20, 2024
Lobe Chat API Key Leak Moderate
CVE-2024-37895 was published for @lobehub/chat (npm) Jun 17, 2024
zhuozhiyongde
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-34111 was published for magento/community-edition (Composer) Jun 13, 2024
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-4354 was published Jun 7, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,... High Unreviewed
CVE-2024-5328 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,... High Unreviewed
CVE-2024-4851 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez... High Unreviewed
CVE-2024-5186 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex... Critical Unreviewed
CVE-2024-3149 was published Jun 6, 2024
Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever Moderate
CVE-2024-3095 was published for langchain-community (pip) Jun 6, 2024
eyurtsev
Server-Side Request Forgery in gradio High
CVE-2024-4325 was published for gradio (pip) Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the... High Unreviewed
CVE-2024-5482 was published Jun 6, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed
CVE-2024-4177 was published Jun 6, 2024
A vulnerability in the web-based management interface of Cisco Finesse could allow an... High Unreviewed
CVE-2024-20404 was published Jun 5, 2024
Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call... High Unreviewed
CVE-2024-5526 was published Jun 5, 2024
LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function. Critical Unreviewed
CVE-2024-36675 was published Jun 5, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs... High Unreviewed
CVE-2024-4084 was published Jun 5, 2024
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors... Moderate Unreviewed
CVE-2024-4219 was published Jun 4, 2024
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue... Moderate Unreviewed
CVE-2024-35635 was published Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue... Moderate Unreviewed
CVE-2024-35633 was published Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin:... Moderate Unreviewed
CVE-2024-35637 was published Jun 3, 2024
ip SSRF improper categorization in isPublic High
CVE-2024-29415 was published for ip (npm) Jun 2, 2024
ThisIsMissEm
VuFind Server-Side Request Forgery (SSRF) vulnerability Critical
CVE-2024-25738 was published for vufind/vufind (Composer) May 22, 2024
VuFind Server-Side Request Forgery (SSRF) vulnerability Critical
CVE-2024-25737 was published for vufind/vufind (Composer) May 22, 2024
ProTip! Advisories are also available from the GraphQL API