GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
810 advisories
Filter by severity
Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects...
Moderate
Unreviewed
CVE-2024-49312
was published
Oct 17, 2024
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack...
Moderate
Unreviewed
CVE-2021-42079
was published
Jul 10, 2023
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery...
High
Unreviewed
CVE-2012-10018
was published
Oct 16, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be...
High
Unreviewed
CVE-2024-46468
was published
Oct 11, 2024
A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3...
Unknown
Unreviewed
CVE-2024-45317
was published
Oct 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 15.10 prior to 17...
High
Unreviewed
CVE-2024-8977
was published
Oct 10, 2024
Unauthenticated LFI/SSRF in JCDashboards component for Joomla.
Critical
Unreviewed
CVE-2023-40630
was published
Dec 14, 2023
Server-side request forgery in Ivanti Avalanche before version 6.4.5 allows a remote...
High
Unreviewed
CVE-2024-47008
was published
Oct 8, 2024
Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the...
Moderate
Unreviewed
CVE-2024-9410
was published
Oct 4, 2024
An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2024-41651
was published
Aug 12, 2024
New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via...
Critical
Unreviewed
CVE-2024-47222
was published
Sep 23, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and...
Low
Unreviewed
CVE-2024-45843
was published
Sep 26, 2024
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an...
Critical
Unreviewed
CVE-2024-44677
was published
Sep 10, 2024
An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and...
Moderate
Unreviewed
CVE-2024-40441
was published
Sep 23, 2024
Server-Side Request Forgery (SSRF) vulnerability in Firsh Justified Image Grid allows Server Side...
High
Unreviewed
CVE-2024-43989
was published
Sep 23, 2024
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to...
High
Unreviewed
CVE-2024-38183
was published
Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions...
High
Unreviewed
CVE-2024-8635
was published
Sep 12, 2024
Possible
External Service Interaction attack
in eDirectory has been discovered in
OpenText™...
Moderate
Unreviewed
CVE-2021-38132
was published
Sep 12, 2024
A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows...
Moderate
Unreviewed
CVE-2024-22217
was published
Aug 15, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF.
High
Unreviewed
CVE-2023-37230
was published
Sep 10, 2024
SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at ...
Critical
Unreviewed
CVE-2024-44721
was published
Sep 9, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local...
High
Unreviewed
CVE-2024-40718
was published
Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')...
High
Unreviewed
CVE-2024-45507
was published
Sep 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB...
High
Unreviewed
CVE-2024-36448
was published
Aug 5, 2024
ProTip!
Advisories are also available from the
GraphQL API