Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

389 advisories

Loading
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when... High Unreviewed
CVE-2023-50968 was published Dec 26, 2023
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side... High Unreviewed
CVE-2023-46262 was published Dec 19, 2023
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected... High Unreviewed
CVE-2023-6849 was published Dec 16, 2023
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This... High Unreviewed
CVE-2023-49159 was published Dec 15, 2023
Server-Side Request Forgery (SSRF) in kubeflow/kubeflow High Unreviewed
CVE-2023-6570 was published Dec 14, 2023
SSRF & Credentials Leak High
CVE-2023-49799 was published for nuxt-api-party (npm) Dec 12, 2023
OhB00
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —... High Unreviewed
CVE-2023-41804 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue... High Unreviewed
CVE-2022-45362 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0... High Unreviewed
CVE-2023-27451 was published Nov 22, 2023
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because... High Unreviewed
CVE-2023-6199 was published Nov 21, 2023
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
WPS Server Side Request Forgery vulnerability High
CVE-2023-43795 was published for org.geoserver.extension:gs-wps-core (Maven) Oct 24, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2023-45966 was published Oct 23, 2023
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by... High Unreviewed
CVE-2023-46303 was published Oct 22, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
LangChain Server Side Request Forgery vulnerability High
CVE-2023-46229 was published for langchain (pip) Oct 19, 2023
Presto JDBC Server-Side Request Forgery by nextUri High
GHSA-86q5-qcjc-7pv4 was published for com.facebook.presto:presto-jdbc (Maven) Oct 3, 2023
Presto JDBC Server-Side Request Forgery by redirect High
GHSA-xm7x-f3w2-4hjm was published for com.facebook.presto:presto-jdbc (Maven) Oct 3, 2023
Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow... High Unreviewed
CVE-2023-3744 was published Oct 2, 2023
GeoNode vulnerable to SSRF Bypass to return internal host data High
CVE-2023-42439 was published for GeoNode (pip) Sep 20, 2023
ImThatT
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2023-3025 was published Sep 16, 2023
ProTip! Advisories are also available from the GraphQL API