GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,161 advisories
Filter by severity
GeoNode Server Side Request forgery
High
CVE-2023-40017
was published
for
geonode
(pip)
Nov 21, 2024
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...
Moderate
Unreviewed
CVE-2024-10524
was published
Nov 19, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
Critical
Unreviewed
CVE-2024-47208
was published
Nov 18, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting...
High
Unreviewed
CVE-2021-3742
was published
Nov 15, 2024
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the...
Moderate
Unreviewed
CVE-2024-5917
was published
Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),...
Moderate
Unreviewed
CVE-2024-11168
was published
Nov 13, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2024-49521
was published
Nov 12, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable...
Moderate
Unreviewed
CVE-2024-51785
was published
Nov 9, 2024
The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Moderate
Unreviewed
CVE-2024-10814
was published
Nov 9, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Moderate
Unreviewed
CVE-2024-46947
was published
Nov 8, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Low
Unreviewed
CVE-2024-47190
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
High
Unreviewed
CVE-2024-48951
was published
Nov 7, 2024
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2024-51358
was published
Nov 6, 2024
gradio Server Side Request Forgery vulnerability
Moderate
CVE-2024-48052
was published
for
gradio
(pip)
Nov 5, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows...
Moderate
Unreviewed
CVE-2024-51665
was published
Nov 4, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
High
Unreviewed
CVE-2024-51408
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High
Unreviewed
CVE-2024-48360
was published
Oct 31, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data...
Moderate
Unreviewed
CVE-2024-48346
was published
Oct 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier...
Moderate
Unreviewed
CVE-2024-51242
was published
Oct 30, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows...
Moderate
Unreviewed
CVE-2024-48107
was published
Oct 28, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
High
Unreviewed
CVE-2024-48178
was published
Oct 28, 2024
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php...
Moderate
Unreviewed
CVE-2024-48234
was published
Oct 26, 2024
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool...
Moderate
Unreviewed
CVE-2024-48232
was published
Oct 25, 2024
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute...
Moderate
Unreviewed
CVE-2024-48450
was published
Oct 25, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Critical
CVE-2024-47883
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
ProTip!
Advisories are also available from the
GraphQL API