GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,002
Maven
5,000+
npm
3,713
NuGet
661
pip
3,384
Pub
11
RubyGems
885
Rust
850
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,136 advisories
Filter by severity
OpenShift Console Server Side Request Forgery vulnerability
Moderate
CVE-2024-6538
was published
for
github.com/openshift/console
(Go)
Nov 25, 2024
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This...
High
Unreviewed
CVE-2024-9710
was published
Nov 22, 2024
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027....
Moderate
Unreviewed
CVE-2024-11618
was published
Nov 22, 2024
A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3....
Critical
Unreviewed
CVE-2024-38645
was published
Nov 22, 2024
GeoNode Server Side Request forgery
High
CVE-2023-40017
was published
for
geonode
(pip)
Nov 21, 2024
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...
Moderate
Unreviewed
CVE-2024-10524
was published
Nov 19, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
Critical
Unreviewed
CVE-2024-47208
was published
Nov 18, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting...
High
Unreviewed
CVE-2021-3742
was published
Nov 15, 2024
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the...
Moderate
Unreviewed
CVE-2024-5917
was published
Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),...
Moderate
Unreviewed
CVE-2024-11168
was published
Nov 13, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2024-49521
was published
Nov 12, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable...
Moderate
Unreviewed
CVE-2024-51785
was published
Nov 9, 2024
The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Moderate
Unreviewed
CVE-2024-10814
was published
Nov 9, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Moderate
Unreviewed
CVE-2024-46947
was published
Nov 8, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Low
Unreviewed
CVE-2024-47190
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
High
Unreviewed
CVE-2024-48951
was published
Nov 7, 2024
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2024-51358
was published
Nov 6, 2024
gradio Server Side Request Forgery vulnerability
Moderate
CVE-2024-48052
was published
for
gradio
(pip)
Nov 5, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows...
Moderate
Unreviewed
CVE-2024-51665
was published
Nov 4, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
High
Unreviewed
CVE-2024-51408
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High
Unreviewed
CVE-2024-48360
was published
Oct 31, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data...
Moderate
Unreviewed
CVE-2024-48346
was published
Oct 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier...
Moderate
Unreviewed
CVE-2024-51242
was published
Oct 30, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows...
Moderate
Unreviewed
CVE-2024-48107
was published
Oct 28, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
High
Unreviewed
CVE-2024-48178
was published
Oct 28, 2024
ProTip!
Advisories are also available from the
GraphQL API