GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
378 advisories
Filter by severity
Dell EMC Streaming Data Platform versions before 1.3 contain a Server Side Request Forgery...
Moderate
Unreviewed
CVE-2021-36327
was published
Dec 1, 2021
IBM QRadar SIEM 7.3 and 7.4 is vulnerable to server side request forgery (SSRF). This may allow...
Moderate
Unreviewed
CVE-2021-29863
was published
Dec 2, 2021
An information disclosure via GET request server-side request forgery vulnerability was...
Moderate
Unreviewed
CVE-2021-37940
was published
Dec 8, 2021
The Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows)...
Moderate
Unreviewed
CVE-2021-34425
was published
Dec 15, 2021
PartKeepr versions up to v1.4.0, in the functionality to upload attachments using a URL when...
Moderate
Unreviewed
CVE-2022-22702
was published
Jan 11, 2022
SSRF vulnerability in M-Files Server products with versions before 22.1.11017.1, in a preview...
Moderate
Unreviewed
CVE-2021-41809
was published
Jan 19, 2022
Server side request forgery protections in GitLab CE/EE versions between 8.4 and 14.4.x, between...
Moderate
Unreviewed
CVE-2021-39927
was published
Jan 19, 2022
Dell EMC Data Protection Central versions 19.5 and prior contain a Server Side Request Forgery...
Moderate
Unreviewed
CVE-2021-36349
was published
Jan 25, 2022
In JetBrains TeamCity before 2021.2, blind SSRF via an XML-RPC call was possible.
Moderate
Unreviewed
CVE-2022-24333
was published
Feb 26, 2022
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2021-39051
was published
Mar 15, 2022
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed...
Moderate
Unreviewed
CVE-2021-43954
was published
Mar 15, 2022
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
Moderate
Unreviewed
CVE-2022-27907
was published
Mar 31, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14...
Moderate
Unreviewed
CVE-2022-1188
was published
Apr 5, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting...
Moderate
Unreviewed
CVE-2020-27375
was published
Apr 8, 2022
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
Moderate
Unreviewed
CVE-2007-6758
was published
Apr 21, 2022
A Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote...
Moderate
Unreviewed
CVE-2022-28117
was published
Apr 29, 2022
Talend Administration Center has a vulnerability that allows an authenticated user to use the...
Moderate
Unreviewed
CVE-2022-29942
was published
May 5, 2022
Jspxcms v10.2.0 allows attackers to execute a Server-Side Request Forgery (SSRF) via /cmscp/ext...
Moderate
Unreviewed
CVE-2022-28090
was published
May 5, 2022
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an...
Moderate
Unreviewed
CVE-2022-29848
was published
May 12, 2022
The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7...
Moderate
Unreviewed
CVE-2018-13404
was published
May 13, 2022
The configuration file import for applications, spyware and vulnerability objects functionality...
Moderate
Unreviewed
CVE-2017-15943
was published
May 13, 2022
A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series,...
Moderate
Unreviewed
CVE-2019-1679
was published
May 13, 2022
A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch...
Moderate
Unreviewed
CVE-2017-6036
was published
May 13, 2022
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote...
Moderate
Unreviewed
CVE-2017-18036
was published
May 13, 2022
Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0...
Moderate
Unreviewed
CVE-2017-15886
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API