Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

294 advisories

Loading
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2024-9624 was published Dec 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed
CVE-2024-54385 was published Dec 16, 2024
Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed
CVE-2024-54330 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed
CVE-2024-11836 was published Dec 13, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
Server-Side Request Forgery vulnerabilities were found providing a potential for access to... High Unreviewed
CVE-2024-6784 was published Dec 5, 2024
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2024-9710 was published Nov 22, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting... High Unreviewed
CVE-2021-3742 was published Nov 15, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-49521 was published Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can... High Unreviewed
CVE-2024-48951 was published Nov 7, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests... High Unreviewed
CVE-2024-51408 was published Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed
CVE-2024-48360 was published Oct 31, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed
CVE-2024-48178 was published Oct 28, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed
CVE-2024-45518 was published Oct 22, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery... High Unreviewed
CVE-2012-10018 was published Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be... High Unreviewed
CVE-2024-46468 was published Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17... High Unreviewed
CVE-2024-8977 was published Oct 10, 2024
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote... High Unreviewed
CVE-2024-47008 was published Oct 8, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side... High Unreviewed
CVE-2024-43989 was published Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... High Unreviewed
CVE-2024-38183 was published Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions... High Unreviewed
CVE-2024-8635 was published Sep 12, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF. High Unreviewed
CVE-2023-37230 was published Sep 10, 2024
Loftware Spectrum before 5.1 allows SSRF. High Unreviewed
CVE-2023-37229 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database