Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

402 advisories

Loading
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB... High Unreviewed
CVE-2024-36448 was published Aug 5, 2024
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-39713 was published for rocket.chat (npm) Aug 5, 2024
A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to... High Unreviewed
CVE-2024-41305 was published Jul 30, 2024
Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX... High Unreviewed
CVE-2024-38728 was published Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP:... High Unreviewed
CVE-2024-37942 was published Jul 22, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-40543 was published Jul 12, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-40544 was published Jul 12, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability High Unreviewed
CVE-2024-32987 was published Jul 9, 2024
Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz:... High Unreviewed
CVE-2024-37260 was published Jul 6, 2024
Server Side Request Forgery (SSRF) attack in Fedify High
CVE-2024-39687 was published for @fedify/fedify (npm) Jul 5, 2024
ThisIsMissEm
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream... High Unreviewed
CVE-2024-5736 was published Jul 3, 2024
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious... High Unreviewed
CVE-2024-38472 was published Jul 1, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of... High Unreviewed
CVE-2024-5822 was published Jun 27, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The... High Unreviewed
CVE-2024-5885 was published Jun 27, 2024
The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was... High Unreviewed
CVE-2024-34581 was published Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability... High Unreviewed
CVE-2024-5014 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI... High Unreviewed
CVE-2024-5015 was published Jun 25, 2024
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-5746 was published Jun 21, 2024
Strapi Server-Side Request Forgery (SSRF) High
CVE-2024-37818 was published for @strapi/strapi (npm) Jun 20, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez... High Unreviewed
CVE-2024-5186 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,... High Unreviewed
CVE-2024-4851 was published Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,... High Unreviewed
CVE-2024-5328 was published Jun 6, 2024
Server-Side Request Forgery in gradio High
CVE-2024-4325 was published for gradio (pip) Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the... High Unreviewed
CVE-2024-5482 was published Jun 6, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed
CVE-2024-4177 was published Jun 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database