Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,201
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,125 advisories

Loading
Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks... High Unreviewed
CVE-2024-23500 was published Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:... High Unreviewed
CVE-2023-39313 was published Mar 28, 2024
gradio Server-Side Request Forgery vulnerability High
CVE-2024-2206 was published for gradio (pip) Mar 27, 2024
The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload. Moderate Unreviewed
CVE-2024-28435 was published Mar 25, 2024
SSRF Vulnerability on assetlinks_check(act_name, well_knowns) High
CVE-2024-29190 was published for mobsfscan (pip) Mar 22, 2024
bulutenes aydinnyunus
A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to... Moderate Unreviewed
CVE-2024-2827 was published Mar 22, 2024
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to... Moderate Unreviewed
CVE-2024-2828 was published Mar 22, 2024
Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to... Moderate Unreviewed
CVE-2024-24028 was published Mar 21, 2024
An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and... Critical Unreviewed
CVE-2024-25294 was published Mar 20, 2024
SSRF vulnerability using the Aegis DataBinding in Apache CXF Critical
CVE-2024-28752 was published for org.apache.cxf:cxf-core (Maven) Mar 15, 2024
Whoogle Search Server-Side Request Forgery vulnerability Critical
CVE-2024-22205 was published for whoogle-search (pip) Mar 14, 2024
Whoogle Search Path Traversal vulnerability Critical
CVE-2024-22203 was published for whoogle-search (pip) Mar 14, 2024
This is a Server-Side Request Forgery (SSRF) vulnerability in the PaperCut NG/MF server-side... Moderate Unreviewed
CVE-2024-1884 was published Mar 14, 2024
Server-Side Request Forgery (SSRF) in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0... Moderate Unreviewed
CVE-2024-2049 was published Mar 12, 2024
Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows... Moderate Unreviewed
CVE-2024-27707 was published Mar 7, 2024
RSSHub vulnerable to Server-Side Request Forgery Moderate
CVE-2024-27927 was published for rsshub (npm) Mar 6, 2024
ouuan DIYgod
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows... Moderate Unreviewed
CVE-2024-27564 was published Mar 5, 2024
A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS... Critical Unreviewed
CVE-2024-27561 was published Mar 5, 2024
A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows... Moderate Unreviewed
CVE-2024-27563 was published Mar 5, 2024
A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6... Critical Unreviewed
CVE-2024-27565 was published Mar 5, 2024
A vulnerability was found in Harrison Chase LangChain 0.1.9. It has been classified as critical.... Moderate Unreviewed
CVE-2024-2057 was published Mar 1, 2024
Server-Side Request Forgery (SSRF) vulnerability in sirv.Com Image Optimizer, Resizer and CDN –... Moderate Unreviewed
CVE-2024-27949 was published Mar 1, 2024
Recipes version 1.5.10 allows arbitrary HTTP requests to be made through the server. This is... Moderate Unreviewed
CVE-2024-0403 was published Mar 1, 2024
An issue was discovered in RWS WorldServer before 11.7.3. An authenticated, remote attacker can... High Unreviewed
CVE-2022-34269 was published Feb 29, 2024
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted... Low Unreviewed
CVE-2024-26476 was published Feb 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database