GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
799 advisories
Filter by severity
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3...
Moderate
Unreviewed
CVE-2024-22329
was published
Apr 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom...
Moderate
Unreviewed
CVE-2024-32454
was published
Apr 15, 2024
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects...
Moderate
Unreviewed
CVE-2024-32430
was published
Apr 15, 2024
Users with low privileges can perform certain AJAX actions. In this vulnerability instance,...
Moderate
Unreviewed
CVE-2024-3448
was published
Apr 10, 2024
Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack...
Moderate
Unreviewed
CVE-2023-40148
was published
Apr 10, 2024
SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a...
Moderate
Unreviewed
CVE-2024-27898
was published
Apr 9, 2024
Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize...
High
Unreviewed
CVE-2024-31288
was published
Apr 7, 2024
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-27620
was published
Apr 6, 2024
The CloudStack management server and secondary storage VM could be tricked into making requests...
Unknown
Unreviewed
CVE-2024-29007
was published
Apr 4, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate
Unreviewed
CVE-2024-20332
was published
Apr 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in Builderall Team Builderall Builder for...
Moderate
Unreviewed
CVE-2024-30532
was published
Apr 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks...
Moderate
Unreviewed
CVE-2024-24888
was published
Apr 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Nelio Software Nelio Content.This issue...
Moderate
Unreviewed
CVE-2024-30531
was published
Apr 2, 2024
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated...
High
Unreviewed
CVE-2024-25187
was published
Apr 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Brave Brave Popup Builder.This issue affects...
Moderate
Unreviewed
CVE-2024-30453
was published
Mar 29, 2024
SysAid before version 23.2.14 b18 - CWE-918: Server-Side Request Forgery (SSRF) may allow...
High
Unreviewed
CVE-2024-27775
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance...
Moderate
Unreviewed
CVE-2023-50374
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This...
Moderate
Unreviewed
CVE-2024-29090
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra.This issue affects...
High
Unreviewed
CVE-2023-36679
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in ThemeFusion Avada.This issue affects Avada:...
High
Unreviewed
CVE-2023-39313
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —...
High
Unreviewed
CVE-2023-34370
was published
Mar 28, 2024
Server-Side Request Forgery (SSRF) vulnerability in Kadence WP Gutenberg Blocks by Kadence Blocks...
High
Unreviewed
CVE-2024-23500
was published
Mar 28, 2024
The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload.
Moderate
Unreviewed
CVE-2024-28435
was published
Mar 25, 2024
A vulnerability, which was classified as critical, has been found in lakernote EasyAdmin up to...
Moderate
Unreviewed
CVE-2024-2827
was published
Mar 22, 2024
A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to...
Moderate
Unreviewed
CVE-2024-2828
was published
Mar 22, 2024
ProTip!
Advisories are also available from the
GraphQL API