GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,565
Composer 4,201
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,163
npm 3,702
NuGet 660
pip 3,328
Pub 11
RubyGems 883
Rust 843
Swift 36

Unreviewed advisories

All unreviewed 233,930

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

363 advisories

Filter by severity

Sort by

Least recently updated

Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable... Moderate Unreviewed

CVE-2024-51785 was published Nov 9, 2024

The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions... Moderate Unreviewed

CVE-2024-10814 was published Nov 9, 2024

Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. Moderate Unreviewed

CVE-2024-46947 was published Nov 8, 2024

Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows... Moderate Unreviewed

CVE-2024-51665 was published Nov 4, 2024

A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier... Moderate Unreviewed

CVE-2024-51242 was published Oct 30, 2024

xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data... Moderate Unreviewed

CVE-2024-48346 was published Oct 30, 2024

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows... Moderate Unreviewed

CVE-2024-48107 was published Oct 28, 2024

An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php... Moderate Unreviewed

CVE-2024-48234 was published Oct 26, 2024

An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool... Moderate Unreviewed

CVE-2024-48232 was published Oct 25, 2024

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute... Moderate Unreviewed

CVE-2024-48450 was published Oct 25, 2024

Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects... Moderate Unreviewed

CVE-2024-49312 was published Oct 17, 2024

Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the... Moderate Unreviewed

CVE-2024-9410 was published Oct 4, 2024

An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and... Moderate Unreviewed

CVE-2024-40441 was published Sep 23, 2024

Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... Moderate Unreviewed

CVE-2021-38132 was published Sep 12, 2024

XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... Moderate Unreviewed

CVE-2024-22219 was published Aug 15, 2024

A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows... Moderate Unreviewed

CVE-2024-22217 was published Aug 15, 2024

A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical.... Moderate Unreviewed

CVE-2024-7742 was published Aug 13, 2024

A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This... Moderate Unreviewed

CVE-2024-7740 was published Aug 13, 2024

A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected... Moderate Unreviewed

CVE-2024-7743 was published Aug 13, 2024

SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints... Moderate Unreviewed

CVE-2024-41737 was published Aug 13, 2024

Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin.This issue affects... Moderate Unreviewed

CVE-2024-39637 was published Aug 2, 2024

Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows... Moderate Unreviewed

CVE-2024-38791 was published Aug 1, 2024

The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed

CVE-2024-2090 was published Aug 1, 2024

A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-7330 was published Aug 1, 2024

Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web... Moderate Unreviewed

CVE-2024-6922 was published Jul 26, 2024

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

363 advisories