GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
845 advisories
Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster...
Severity: Moderate | Unreviewed | CVE-2024-53738 was published Nov 30, 2024
LinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF.
Severity: Moderate | Unreviewed | CVE-2024-35451 was published Nov 29, 2024
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This...
Severity: High | Unreviewed | CVE-2024-9710 was published Nov 22, 2024
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027....
Severity: Moderate | Unreviewed | CVE-2024-11618 was published Nov 22, 2024
A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3....
Severity: Critical | Unreviewed | CVE-2024-38645 was published Nov 22, 2024
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...
Severity: Moderate | Unreviewed | CVE-2024-10524 was published Nov 19, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
Severity: Critical | Unreviewed | CVE-2024-47208 was published Nov 18, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting...
Severity: High | Unreviewed | CVE-2021-3742 was published Nov 15, 2024
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the...
Severity: Moderate | Unreviewed | CVE-2024-5917 was published Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),...
Severity: Moderate | Unreviewed | CVE-2024-11168 was published Nov 13, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
Severity: High | Unreviewed | CVE-2024-49521 was published Nov 12, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable...
Severity: Moderate | Unreviewed | CVE-2024-51785 was published Nov 9, 2024
The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Severity: Moderate | Unreviewed | CVE-2024-10814 was published Nov 9, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Severity: Low | Unreviewed | CVE-2024-47190 was published Nov 8, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Severity: Moderate | Unreviewed | CVE-2024-46947 was published Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
Severity: High | Unreviewed | CVE-2024-48951 was published Nov 7, 2024
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via...
Severity: Critical | Unreviewed | CVE-2024-51358 was published Nov 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows...
Severity: Moderate | Unreviewed | CVE-2024-51665 was published Nov 4, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
Severity: High | Unreviewed | CVE-2024-51408 was published Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
Severity: High | Unreviewed | CVE-2024-48360 was published Oct 31, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier...
Severity: Moderate | Unreviewed | CVE-2024-51242 was published Oct 30, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data...
Severity: Moderate | Unreviewed | CVE-2024-48346 was published Oct 30, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows...
Severity: Moderate | Unreviewed | CVE-2024-48107 was published Oct 28, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
Severity: High | Unreviewed | CVE-2024-48178 was published Oct 28, 2024
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php...
Severity: Moderate | Unreviewed | CVE-2024-48234 was published Oct 26, 2024
ProTip! Advisories are also available from the GraphQL API.