Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

843 advisories

Loading
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed
CVE-2024-45518 was published Oct 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects... Moderate Unreviewed
CVE-2024-49312 was published Oct 17, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery... High Unreviewed
CVE-2012-10018 was published Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be... High Unreviewed
CVE-2024-46468 was published Oct 11, 2024
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3... Unknown Unreviewed
CVE-2024-45317 was published Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17... High Unreviewed
CVE-2024-8977 was published Oct 10, 2024
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote... High Unreviewed
CVE-2024-47008 was published Oct 8, 2024
Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the... Moderate Unreviewed
CVE-2024-9410 was published Oct 4, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and... Low Unreviewed
CVE-2024-45843 was published Sep 26, 2024
New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via... Critical Unreviewed
CVE-2024-47222 was published Sep 23, 2024
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and... Moderate Unreviewed
CVE-2024-40441 was published Sep 23, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side... High Unreviewed
CVE-2024-43989 was published Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... High Unreviewed
CVE-2024-38183 was published Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions... High Unreviewed
CVE-2024-8635 was published Sep 12, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... Moderate Unreviewed
CVE-2021-38132 was published Sep 12, 2024
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an... Critical Unreviewed
CVE-2024-44677 was published Sep 10, 2024
Loftware Spectrum before 5.1 allows SSRF. High Unreviewed
CVE-2023-37229 was published Sep 10, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF. High Unreviewed
CVE-2023-37230 was published Sep 10, 2024
SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at ... Critical Unreviewed
CVE-2024-44721 was published Sep 9, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local... High Unreviewed
CVE-2024-40718 was published Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')... High Unreviewed
CVE-2024-45507 was published Sep 4, 2024
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2022-1751 was published Aug 17, 2024
XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... Moderate Unreviewed
CVE-2024-22219 was published Aug 15, 2024
A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows... Moderate Unreviewed
CVE-2024-22217 was published Aug 15, 2024
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2024-7743 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database