Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

864 advisories

Loading
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
A server-side request forgery exists in Satellite. When a PUT HTTP request is made to ... Moderate Unreviewed
CVE-2024-12840 was published Dec 20, 2024
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-49336 was published Dec 19, 2024
The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed
CVE-2024-12121 was published Dec 19, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2024-9624 was published Dec 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed
CVE-2024-54385 was published Dec 16, 2024
Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed
CVE-2024-54330 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed
CVE-2024-11836 was published Dec 13, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
Adobe Document Service allows an attacker with administrator privileges to send a crafted request... Critical Unreviewed
CVE-2024-47578 was published Dec 10, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability... Critical Unreviewed
CVE-2024-48874 was published Dec 6, 2024
Oxide control plane software before 5 allows SSRF. Critical Unreviewed
CVE-2023-50913 was published Dec 5, 2024
Server-Side Request Forgery vulnerabilities were found providing a potential for access to... High Unreviewed
CVE-2024-6784 was published Dec 5, 2024
Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster... Moderate Unreviewed
CVE-2024-53738 was published Nov 30, 2024
LinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF. Moderate Unreviewed
CVE-2024-35451 was published Nov 29, 2024
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2024-9710 was published Nov 22, 2024
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027.... Moderate Unreviewed
CVE-2024-11618 was published Nov 22, 2024
A server-side request forgery (SSRF) vulnerability has been reported to affect Notes Station 3.... Critical Unreviewed
CVE-2024-38645 was published Nov 22, 2024
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary... Moderate Unreviewed
CVE-2024-10524 was published Nov 19, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')... Critical Unreviewed
CVE-2024-47208 was published Nov 18, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting... High Unreviewed
CVE-2021-3742 was published Nov 15, 2024
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the... Moderate Unreviewed
CVE-2024-5917 was published Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database