GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
378 advisories
Filter by severity
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2021-39051
was published
Mar 15, 2022
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed...
Moderate
Unreviewed
CVE-2021-43954
was published
Mar 15, 2022
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF.
Moderate
Unreviewed
CVE-2022-27907
was published
Mar 31, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14...
Moderate
Unreviewed
CVE-2022-1188
was published
Apr 5, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting...
Moderate
Unreviewed
CVE-2020-27375
was published
Apr 8, 2022
OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks...
Moderate
Unreviewed
CVE-2022-37313
was published
Dec 26, 2022
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0.
Moderate
Unreviewed
CVE-2007-6758
was published
Apr 21, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may...
Moderate
Unreviewed
CVE-2020-4294
was published
May 24, 2022
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6...
Moderate
Unreviewed
CVE-2021-26072
was published
May 24, 2022
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document...
Moderate
Unreviewed
CVE-2022-28217
was published
Jun 14, 2022
SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7...
Moderate
Unreviewed
CVE-2022-29612
was published
Jun 15, 2022
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in...
Moderate
Unreviewed
CVE-2022-23071
was published
Jun 20, 2022
The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF.
Moderate
Unreviewed
CVE-2021-36761
was published
Jun 22, 2022
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via...
Moderate
Unreviewed
CVE-2022-34011
was published
Jun 24, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2021-20544
was published
Jun 25, 2022
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated...
Moderate
Unreviewed
CVE-2022-26135
was published
Jul 1, 2022
In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to...
Moderate
Unreviewed
CVE-2017-10973
was published
May 17, 2022
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via...
Moderate
Unreviewed
CVE-2022-34013
was published
Jun 24, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2021-20421
was published
Jun 25, 2022
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This...
Moderate
Unreviewed
CVE-2017-20106
was published
Jun 29, 2022
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to...
Moderate
Unreviewed
CVE-2017-9307
was published
May 17, 2022
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server...
Moderate
Unreviewed
CVE-2022-22416
was published
Jul 20, 2022
OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable,...
Moderate
Unreviewed
CVE-2022-24406
was published
Jul 28, 2022
SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754,...
Moderate
Unreviewed
CVE-2020-6275
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2022-35282
was published
Sep 29, 2022
ProTip!
Advisories are also available from the
GraphQL API