GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
864 advisories
Filter by severity
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2022-3841
was published
Jan 13, 2023
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2021-39051
was published
Mar 15, 2022
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed...
Moderate
Unreviewed
CVE-2021-43954
was published
Mar 15, 2022
Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2021-46107
was published
Mar 18, 2022
An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict...
High
Unreviewed
CVE-2022-27245
was published
Mar 19, 2022
The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the...
Critical
Unreviewed
CVE-2022-0591
was published
Mar 22, 2022
Sentinel 1.8.2 is vulnerable to Server-side request forgery (SSRF).
High
Unreviewed
CVE-2021-44139
was published
Mar 24, 2022
A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14...
High
Unreviewed
CVE-2022-0136
was published
Mar 29, 2022
A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a...
Critical
Unreviewed
CVE-2022-0249
was published
Mar 29, 2022
SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to...
High
Unreviewed
CVE-2022-1191
was published
Apr 1, 2022
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
Moderate
Unreviewed
CVE-2022-27907
was published
Mar 31, 2022
MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact...
High
Unreviewed
CVE-2021-33581
was published
Apr 1, 2022
A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE...
High
Unreviewed
CVE-2022-0425
was published
Apr 3, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14...
Moderate
Unreviewed
CVE-2022-1188
was published
Apr 5, 2022
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
Critical
Unreviewed
CVE-2022-0990
was published
Apr 5, 2022
IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an...
High
Unreviewed
CVE-2022-22339
was published
Apr 9, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting...
Moderate
Unreviewed
CVE-2020-27375
was published
Apr 8, 2022
Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18.
Critical
Unreviewed
CVE-2022-0939
was published
Apr 5, 2022
OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks...
Moderate
Unreviewed
CVE-2022-37313
was published
Dec 26, 2022
Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an...
High
Unreviewed
CVE-2021-36202
was published
Apr 8, 2022
Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23...
Critical
Unreviewed
CVE-2022-47635
was published
Dec 21, 2022
A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the...
High
Unreviewed
CVE-2022-27426
was published
Apr 16, 2022
The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external...
High
Unreviewed
CVE-2022-1037
was published
Apr 19, 2022
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
Moderate
Unreviewed
CVE-2007-6758
was published
Apr 21, 2022
A vulnerability in all versions of SCT/SCT Pro prior to version 14.2.2 allows a remote...
Critical
Unreviewed
CVE-2021-36203
was published
Apr 23, 2022
ProTip!
Advisories are also available from the
GraphQL API