GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,127 advisories
Filter by severity
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the...
Moderate
Unreviewed
CVE-2024-5917
was published
Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),...
Moderate
Unreviewed
CVE-2024-11168
was published
Nov 13, 2024
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2024-49521
was published
Nov 12, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable...
Moderate
Unreviewed
CVE-2024-51785
was published
Nov 9, 2024
The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions...
Moderate
Unreviewed
CVE-2024-10814
was published
Nov 9, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF.
Moderate
Unreviewed
CVE-2024-46947
was published
Nov 8, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Low
Unreviewed
CVE-2024-47190
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
High
Unreviewed
CVE-2024-48951
was published
Nov 7, 2024
An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2024-51358
was published
Nov 6, 2024
gradio Server Side Request Forgery vulnerability
Moderate
CVE-2024-48052
was published
for
gradio
(pip)
Nov 5, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows...
Moderate
Unreviewed
CVE-2024-51665
was published
Nov 4, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
High
Unreviewed
CVE-2024-51408
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High
Unreviewed
CVE-2024-48360
was published
Oct 31, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier...
Moderate
Unreviewed
CVE-2024-51242
was published
Oct 30, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data...
Moderate
Unreviewed
CVE-2024-48346
was published
Oct 30, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows...
Moderate
Unreviewed
CVE-2024-48107
was published
Oct 28, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
High
Unreviewed
CVE-2024-48178
was published
Oct 28, 2024
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php...
Moderate
Unreviewed
CVE-2024-48234
was published
Oct 26, 2024
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool...
Moderate
Unreviewed
CVE-2024-48232
was published
Oct 25, 2024
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute...
Moderate
Unreviewed
CVE-2024-48450
was published
Oct 25, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses
Critical
CVE-2024-47883
was published
for
org.openrefine.dependencies:butterfly
(Maven)
Oct 24, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,...
High
Unreviewed
CVE-2024-45518
was published
Oct 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects...
Moderate
Unreviewed
CVE-2024-49312
was published
Oct 17, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery...
High
Unreviewed
CVE-2012-10018
was published
Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be...
High
Unreviewed
CVE-2024-46468
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API