Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

284 advisories

Loading
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because... High Unreviewed
CVE-2023-6199 was published Nov 21, 2023
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2023-45966 was published Oct 23, 2023
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by... High Unreviewed
CVE-2023-46303 was published Oct 22, 2023
Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow... High Unreviewed
CVE-2023-3744 was published Oct 2, 2023
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2023-3025 was published Sep 16, 2023
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows... High Unreviewed
CVE-2023-36088 was published Sep 1, 2023
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin... High Unreviewed
CVE-2023-1977 was published Aug 16, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path... High Unreviewed
CVE-2023-39110 was published Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b... High Unreviewed
CVE-2023-39108 was published Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a... High Unreviewed
CVE-2023-39109 was published Aug 1, 2023
Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows... High Unreviewed
CVE-2021-35391 was published Jul 21, 2023
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the... High Unreviewed
CVE-2023-37290 was published Jul 20, 2023
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to... High Unreviewed
CVE-2023-36925 was published Jul 11, 2023
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows... High Unreviewed
CVE-2023-36661 was published Jun 26, 2023
CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF). High Unreviewed
CVE-2023-24243 was published Jun 16, 2023
Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0. High Unreviewed
CVE-2023-3188 was published Jun 10, 2023
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to... High Unreviewed
CVE-2023-23955 was published Jun 1, 2023
davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). High Unreviewed
CVE-2023-31848 was published May 17, 2023
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 ... High Unreviewed
CVE-2023-2140 was published Apr 21, 2023
forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2023-27160 was published Mar 31, 2023
Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows... High Unreviewed
CVE-2023-1725 was published Mar 30, 2023
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.... High Unreviewed
CVE-2023-25195 was published Mar 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database