Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

423 advisories

Loading
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed
CVE-2025-0474 was published Jan 14, 2025
Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed
CVE-2025-23082 was published Jan 14, 2025
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed
CVE-2025-21385 was published Jan 10, 2025
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed
CVE-2024-53705 was published Jan 9, 2025
A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed
CVE-2024-50714 was published Dec 28, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed
CVE-2024-55082 was published Dec 19, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2024-9624 was published Dec 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed
CVE-2024-54385 was published Dec 16, 2024
Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed
CVE-2024-54330 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed
CVE-2024-11836 was published Dec 13, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
Server-Side Request Forgery vulnerabilities were found providing a potential for access to... High Unreviewed
CVE-2024-6784 was published Dec 5, 2024
@lobehub/chat Server Side Request Forgery vulnerability High
CVE-2024-32965 was published for @lobehub/chat (npm) Nov 26, 2024
yyzsec
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2024-9710 was published Nov 22, 2024
GeoNode Server Side Request forgery High
CVE-2023-40017 was published for geonode (pip) Nov 21, 2024
ImThatT
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting... High Unreviewed
CVE-2021-3742 was published Nov 15, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-49521 was published Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can... High Unreviewed
CVE-2024-48951 was published Nov 7, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests... High Unreviewed
CVE-2024-51408 was published Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed
CVE-2024-48360 was published Oct 31, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed
CVE-2024-48178 was published Oct 28, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed
CVE-2024-45518 was published Oct 22, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery... High Unreviewed
CVE-2012-10018 was published Oct 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database