Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

282 advisories

Loading
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can... High Unreviewed
CVE-2024-48951 was published Nov 7, 2024
An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4... High Unreviewed
CVE-2024-33250 was published May 14, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests... High Unreviewed
CVE-2024-51408 was published Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed
CVE-2024-48360 was published Oct 31, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed
CVE-2024-48178 was published Oct 28, 2024
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-32407 was published Apr 22, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed
CVE-2024-45518 was published Oct 22, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery... High Unreviewed
CVE-2012-10018 was published Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be... High Unreviewed
CVE-2024-46468 was published Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17... High Unreviewed
CVE-2024-8977 was published Oct 10, 2024
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote... High Unreviewed
CVE-2024-47008 was published Oct 8, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side... High Unreviewed
CVE-2024-43989 was published Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... High Unreviewed
CVE-2024-38183 was published Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions... High Unreviewed
CVE-2024-8635 was published Sep 12, 2024
Loftware Spectrum before 5.1 allows SSRF. High Unreviewed
CVE-2023-37229 was published Sep 10, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF. High Unreviewed
CVE-2023-37230 was published Sep 10, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local... High Unreviewed
CVE-2024-40718 was published Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')... High Unreviewed
CVE-2024-45507 was published Sep 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB... High Unreviewed
CVE-2024-36448 was published Aug 5, 2024
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated... High Unreviewed
CVE-2024-25187 was published Apr 2, 2024
An issue was discovered in RWS WorldServer before 11.7.3. An authenticated, remote attacker can... High Unreviewed
CVE-2022-34269 was published Feb 29, 2024
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2022-1751 was published Aug 17, 2024
A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to... High Unreviewed
CVE-2024-41305 was published Jul 30, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2024-6522 was published Aug 7, 2024
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft... High Unreviewed
CVE-2024-38206 was published Aug 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database