GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,438
Composer 4,411
Erlang 33
GitHub Actions 22
Go 2,146
Maven 5,316
npm 3,808
NuGet 687
pip 3,481
Pub 12
RubyGems 897
Rust 899
Swift 38

Unreviewed advisories

All unreviewed 246,089

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

311 advisories

Filter by severity

Sort by

Least recently updated

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows... High Unreviewed

CVE-2025-26494 was published Feb 11, 2025

The web server receives a URL or similar request from an upstream component and retrieves the... High Unreviewed

CVE-2024-37359 was published Feb 20, 2025

Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery ... High Unreviewed

CVE-2023-25262 was published Mar 28, 2023

Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0... High Unreviewed

CVE-2025-20075 was published Feb 18, 2025

Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An... High Unreviewed

CVE-2025-22399 was published Feb 11, 2025

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server... High Unreviewed

CVE-2024-3047 was published May 2, 2024

A vulnerability has been identified in Opcenter Intelligence (All versions < V2501). Server-side... High Unreviewed

CVE-2025-26491 was published Feb 11, 2025

Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks... High Unreviewed

CVE-2024-23500 was published Mar 28, 2024

Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker... High Unreviewed

CVE-2025-21177 was published Feb 7, 2025

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable... High Unreviewed

CVE-2023-6964 was published Apr 9, 2024

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed

CVE-2024-57767 was published Jan 15, 2025

The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all... High Unreviewed

CVE-2024-5031 was published May 22, 2024

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may... High Unreviewed

CVE-2021-21975 was published May 24, 2022

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed

CVE-2025-0474 was published Jan 14, 2025

Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed

CVE-2025-23082 was published Jan 14, 2025

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed

CVE-2024-4404 was published Jun 14, 2024

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed

CVE-2025-21385 was published Jan 10, 2025

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed

CVE-2024-53705 was published Jan 9, 2025

A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed

CVE-2024-55082 was published Dec 19, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability. High Unreviewed

CVE-2022-41040 was published Oct 4, 2022

A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed

CVE-2024-50714 was published Dec 28, 2024

Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed

CVE-2024-12867 was published Dec 20, 2024

In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed

CVE-2024-55086 was published Dec 18, 2024

The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed

CVE-2024-9624 was published Dec 17, 2024

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed

CVE-2024-54385 was published Dec 16, 2024

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

311 advisories