GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
404 advisories
Filter by severity
Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2024-49521
was published
Nov 12, 2024
An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can...
High
Unreviewed
CVE-2024-48951
was published
Nov 7, 2024
AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests...
High
Unreviewed
CVE-2024-51408
was published
Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High
Unreviewed
CVE-2024-48360
was published
Oct 31, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg...
High
Unreviewed
CVE-2024-48178
was published
Oct 28, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,...
High
Unreviewed
CVE-2024-45518
was published
Oct 22, 2024
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery...
High
Unreviewed
CVE-2012-10018
was published
Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be...
High
Unreviewed
CVE-2024-46468
was published
Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17...
High
Unreviewed
CVE-2024-8977
was published
Oct 10, 2024
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote...
High
Unreviewed
CVE-2024-47008
was published
Oct 8, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file
High
CVE-2024-45290
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side...
High
Unreviewed
CVE-2024-43989
was published
Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to...
High
Unreviewed
CVE-2024-38183
was published
Sep 17, 2024
LiteLLM Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-6587
was published
for
litellm
(pip)
Sep 13, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions...
High
Unreviewed
CVE-2024-8635
was published
Sep 12, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
High
Unreviewed
CVE-2023-37230
was published
Sep 10, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local...
High
Unreviewed
CVE-2024-40718
was published
Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
High
Unreviewed
CVE-2024-45507
was published
Sep 4, 2024
req may send an unintended request when a malformed URL is provided
High
CVE-2024-45258
was published
for
github.com/imroc/req
(Go)
Aug 26, 2024
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
High
Unreviewed
CVE-2022-1751
was published
Aug 17, 2024
CometVisu Backend for openHAB affected by SSRF/XSS
High
CVE-2024-42467
was published
for
org.openhab.ui.bundles:org.openhab.ui.cometvisu
(Maven)
Aug 9, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in...
High
Unreviewed
CVE-2024-6522
was published
Aug 7, 2024
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft...
High
Unreviewed
CVE-2024-38206
was published
Aug 7, 2024
ProTip!
Advisories are also available from the
GraphQL API