Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,080 advisories

Loading
Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions... Moderate Unreviewed
CVE-2024-30420 was published May 22, 2024
Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-4642 was published for wandb (pip) May 16, 2024 withdrawn
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.... Moderate Unreviewed
CVE-2024-3970 was published May 15, 2024
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.... Moderate Unreviewed
CVE-2024-3485 was published May 15, 2024
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated... Moderate Unreviewed
CVE-2024-4894 was published May 15, 2024
The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side... Moderate Unreviewed
CVE-2024-0862 was published May 14, 2024
In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in... Moderate Unreviewed
CVE-2024-4561 was published May 14, 2024
In WhatsUp Gold versions released before 2023.1.2 , an SSRF vulnerability exists in Whatsup... Moderate Unreviewed
CVE-2024-4562 was published May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is SSRF via Document template... Moderate Unreviewed
CVE-2024-33864 was published May 14, 2024
Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This... Moderate Unreviewed
CVE-2024-35172 was published May 14, 2024
Apache Karaf Cave: Cave SSRF and arbitrary file access Critical
CVE-2024-34365 was published for org.apache.karaf:cave (Maven) May 14, 2024
lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability Critical
CVE-2024-32964 was published for @lobehub/chat (npm) May 10, 2024
yyzsec
Next.js Server-Side Request Forgery in Server Actions High
CVE-2024-34351 was published for next (npm) May 9, 2024
An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in... Critical Unreviewed
CVE-2024-33857 was published May 7, 2024
TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method... Moderate Unreviewed
CVE-2024-34453 was published May 3, 2024
An issue was discovered in Teledyne FLIR M300 2.00-19. Unauthenticated remote code execution can... Critical Unreviewed
CVE-2023-46295 was published May 1, 2024
OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Moderate Unreviewed
CVE-2024-33832 was published Apr 30, 2024
Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &... Moderate Unreviewed
CVE-2024-33590 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This... Moderate Unreviewed
CVE-2024-33627 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto... Moderate Unreviewed
CVE-2024-33629 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This... Moderate Unreviewed
CVE-2024-33634 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio... Moderate Unreviewed
CVE-2024-33592 was published Apr 25, 2024
Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue... Moderate Unreviewed
CVE-2024-32812 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce... Moderate Unreviewed
CVE-2024-32803 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This... Moderate Unreviewed
CVE-2024-32955 was published Apr 24, 2024
ProTip! Advisories are also available from the GraphQL API