GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
960 advisories
VuFind Server-Side Request Forgery (SSRF) vulnerability
Critical • CVE-2024-25738 was published for vufind/vufind (Composer) • May 22, 2024

VuFind Server-Side Request Forgery (SSRF) vulnerability
Critical • CVE-2024-25737 was published for vufind/vufind (Composer) • May 22, 2024

Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability
High • CVE-2024-4642 was published for wandb (pip) • May 16, 2024 • withdrawn

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200....
Moderate • Unreviewed • CVE-2024-3485 was published • May 15, 2024

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200....
Moderate • Unreviewed • CVE-2024-3970 was published • May 15, 2024

ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated...
Moderate • Unreviewed • CVE-2024-4894 was published • May 15, 2024

The Proofpoint Encryption endpoint of Proofpoint Enterprise Protection contains a Server-Side...
Moderate • Unreviewed • CVE-2024-0862 was published • May 14, 2024

In WhatsUp Gold versions released before 2023.1.2, an SSRF vulnerability exists in Whatsup...
Moderate • Unreviewed • CVE-2024-4562 was published • May 14, 2024

In WhatsUp Gold versions released before 2023.1.2, a blind SSRF vulnerability exists in...
Moderate • Unreviewed • CVE-2024-4561 was published • May 14, 2024

Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPixel Adaptive Images. This...
Moderate • Unreviewed • CVE-2024-35172 was published • May 14, 2024

Apache Karaf Cave: Cave SSRF and arbitrary file access
Critical • CVE-2024-34365 was published for org.apache.karaf:cave (Maven) • May 14, 2024

lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability
Critical • CVE-2024-32964 was published for @lobehub/chat (npm) • May 10, 2024

Next.js Server-Side Request Forgery in Server Actions
High • CVE-2024-34351 was published for next (npm) • May 9, 2024

Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &...
Moderate • Unreviewed • CVE-2024-33590 was published • Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin. This...
Moderate • Unreviewed • CVE-2024-33627 was published • Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto...
Moderate • Unreviewed • CVE-2024-33629 was published • Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro. This...
Moderate • Unreviewed • CVE-2024-33634 was published • Apr 29, 2024

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player. This issue affects Radio...
Moderate • Unreviewed • CVE-2024-33592 was published • Apr 25, 2024

Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher. This issue...
Moderate • Unreviewed • CVE-2024-32812 was published • Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce...
Moderate • Unreviewed • CVE-2024-32803 was published • Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor. This issue...
Moderate • Unreviewed • CVE-2024-32718 was published • Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Pavex Embed Google Photos album. This issue...
Moderate • Unreviewed • CVE-2024-32775 was published • Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player. This...
Moderate • Unreviewed • CVE-2024-32955 was published • Apr 24, 2024

Server-Side Request Forgery (SSRF) vulnerability in Culqi. This issue affects Culqi: from n/a...
Moderate • Unreviewed • CVE-2024-32819 was published • Apr 24, 2024

Apache HugeGraph-Hubble: SSRF in Hubble connection page
High • CVE-2024-27347 was published for org.apache.hugegraph:hugegraph-hubble (Maven) • Apr 22, 2024
ProTip! Advisories are also available from the GraphQL API.