GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
286 advisories
Filter by severity
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This...
High
Unreviewed
CVE-2024-9710
was published
Nov 22, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting...
High
Unreviewed
CVE-2021-3742
was published
Nov 15, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2024-49521
was published
Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
High
Unreviewed
CVE-2024-48951
was published
Nov 7, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
High
Unreviewed
CVE-2024-51408
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High
Unreviewed
CVE-2024-48360
was published
Oct 31, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
High
Unreviewed
CVE-2024-48178
was published
Oct 28, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,...
High
Unreviewed
CVE-2024-45518
was published
Oct 22, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery...
High
Unreviewed
CVE-2012-10018
was published
Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be...
High
Unreviewed
CVE-2024-46468
was published
Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17...
High
Unreviewed
CVE-2024-8977
was published
Oct 10, 2024
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote...
High
Unreviewed
CVE-2024-47008
was published
Oct 8, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side...
High
Unreviewed
CVE-2024-43989
was published
Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to...
High
Unreviewed
CVE-2024-38183
was published
Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions...
High
Unreviewed
CVE-2024-8635
was published
Sep 12, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
High
Unreviewed
CVE-2023-37230
was published
Sep 10, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local...
High
Unreviewed
CVE-2024-40718
was published
Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
High
Unreviewed
CVE-2024-45507
was published
Sep 4, 2024
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
High
Unreviewed
CVE-2022-1751
was published
Aug 17, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in...
High
Unreviewed
CVE-2024-6522
was published
Aug 7, 2024
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft...
High
Unreviewed
CVE-2024-38206
was published
Aug 7, 2024
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB...
High
Unreviewed
CVE-2024-36448
was published
Aug 5, 2024
A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to...
High
Unreviewed
CVE-2024-41305
was published
Jul 30, 2024
Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP:...
High
Unreviewed
CVE-2024-37942
was published
Jul 22, 2024
ProTip!
Advisories are also available from the
GraphQL API