Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

346 advisories

Loading
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba... Moderate Unreviewed
CVE-2022-23668 was published May 17, 2022
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF)... Moderate Unreviewed
CVE-2017-7553 was published May 14, 2022
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management... Moderate Unreviewed
CVE-2017-16678 was published May 14, 2022
The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the... Moderate Unreviewed
CVE-2017-16865 was published May 14, 2022
Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad... Moderate Unreviewed
CVE-2018-2370 was published May 14, 2022
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to... Moderate Unreviewed
CVE-2018-10174 was published May 14, 2022
Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in... Moderate Unreviewed
CVE-2018-1999017 was published May 14, 2022
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow... Moderate Unreviewed
CVE-2016-3718 was published May 14, 2022
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure... Moderate Unreviewed
CVE-2016-4046 was published May 14, 2022
admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request... Moderate Unreviewed
CVE-2018-19651 was published May 14, 2022
OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. Moderate Unreviewed
CVE-2018-12609 was published May 14, 2022
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers... Moderate Unreviewed
CVE-2018-15516 was published May 14, 2022
GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to... Moderate Unreviewed
CVE-2018-8801 was published May 14, 2022
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a... Moderate Unreviewed
CVE-2018-9920 was published May 14, 2022
JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. Moderate Unreviewed
CVE-2018-20528 was published May 14, 2022
OX App Suite 7.8.4 and earlier allows SSRF. Moderate Unreviewed
CVE-2018-13103 was published May 14, 2022
The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and... Moderate Unreviewed
CVE-2017-9506 was published May 14, 2022
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ... Moderate Unreviewed
CVE-2017-3546 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x... Moderate Unreviewed
CVE-2017-11149 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0... Moderate Unreviewed
CVE-2017-11148 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station... Moderate Unreviewed
CVE-2017-12071 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0... Moderate Unreviewed
CVE-2017-15886 was published May 13, 2022
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote... Moderate Unreviewed
CVE-2017-18036 was published May 13, 2022
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch... Moderate Unreviewed
CVE-2017-6036 was published May 13, 2022
A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series,... Moderate Unreviewed
CVE-2019-1679 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API