GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,123 advisories

Filter by severity

Sort by

Least recently updated

Apache Karaf Cave: Cave SSRF and arbitrary file access Critical

CVE-2024-34365 was published for org.apache.karaf:cave (Maven) May 14, 2024

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4... High Unreviewed

CVE-2024-33250 was published May 14, 2024

lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability Critical

CVE-2024-32964 was published for @lobehub/chat (npm) May 10, 2024

Next.js Server-Side Request Forgery in Server Actions High

CVE-2024-34351 was published for next (npm) May 9, 2024

An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in... Critical Unreviewed

CVE-2024-33857 was published May 7, 2024

TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method... Moderate Unreviewed

CVE-2024-34453 was published May 3, 2024

An issue was discovered in Teledyne FLIR M300 2.00-19. Unauthenticated remote code execution can... Critical Unreviewed

CVE-2023-46295 was published May 1, 2024

OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Moderate Unreviewed

CVE-2024-33832 was published Apr 30, 2024

Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &... Moderate Unreviewed

CVE-2024-33590 was published Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This... Moderate Unreviewed

CVE-2024-33627 was published Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto... Moderate Unreviewed

CVE-2024-33629 was published Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This... Moderate Unreviewed

CVE-2024-33634 was published Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio... Moderate Unreviewed

CVE-2024-33592 was published Apr 25, 2024

Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue... Moderate Unreviewed

CVE-2024-32812 was published Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce... Moderate Unreviewed

CVE-2024-32803 was published Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Pavex Embed Google Photos album.This issue... Moderate Unreviewed

CVE-2024-32775 was published Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This... Moderate Unreviewed

CVE-2024-32955 was published Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor.This issue... Moderate Unreviewed

CVE-2024-32718 was published Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Culqi.This issue affects Culqi: from n/a... Moderate Unreviewed

CVE-2024-32819 was published Apr 24, 2024

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-32407 was published Apr 22, 2024

Apache HugeGraph-Hubble: SSRF in Hubble connection page Moderate

CVE-2024-27347 was published for org.apache.hugegraph:hugegraph-hubble (Maven) Apr 22, 2024

A server-side request forgery (SSRF) was discovered in the Akana Community Manager Developer... Critical Unreviewed

CVE-2024-2796 was published Apr 18, 2024

Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This... Moderate Unreviewed

CVE-2024-31229 was published Apr 18, 2024

Blind SSRF Leads to Port Scan by using Webhooks Moderate

CVE-2024-29035 was published for Umbraco.Cms.Core (NuGet) Apr 17, 2024

IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed

CVE-2024-22329 was published Apr 17, 2024

Previous 1 2 … 5 6 7 8 9 … 44 45 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,123 advisories