Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,199 advisories

Loading
Apache CXF: SSRF vulnerability via WADL stylesheet parameter Low
CVE-2024-29736 was published for org.apache.cxf:cxf-rt-rs-service-description (Maven) Jul 19, 2024
The server responded with an HTTP status of 500, indicating a server-side error that may cause... Moderate Unreviewed
CVE-2024-30125 was published Jul 18, 2024
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to... Critical Unreviewed
CVE-2024-40898 was published Jul 18, 2024
Apache StreamPipes has possibility of SSRF in pipeline element installation process Moderate
CVE-2024-31979 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3,... Moderate Unreviewed
CVE-2023-31456 was published Jul 16, 2024
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related... Moderate Unreviewed
CVE-2024-36458 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request... Moderate Unreviewed
CVE-2024-39739 was published Jul 15, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-40544 was published Jul 12, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-40543 was published Jul 12, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability High Unreviewed
CVE-2024-32987 was published Jul 9, 2024
SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative... Moderate Unreviewed
CVE-2024-37171 was published Jul 9, 2024
WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate... Moderate Unreviewed
CVE-2024-34689 was published Jul 9, 2024
SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP... Moderate Unreviewed
CVE-2024-39598 was published Jul 9, 2024
Directus Blind SSRF On File Import Moderate
CVE-2024-39699 was published for @directus/api (npm) Jul 8, 2024
dmitrii-zalmanov
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20... Moderate Unreviewed
CVE-2024-31897 was published Jul 8, 2024
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server... Moderate Unreviewed
CVE-2024-6095 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz:... High Unreviewed
CVE-2024-37260 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects... Moderate Unreviewed
CVE-2024-37208 was published Jul 6, 2024
Server Side Request Forgery (SSRF) attack in Fedify Moderate
CVE-2024-39687 was published for @fedify/fedify (npm) Jul 5, 2024
ThisIsMissEm
Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via... Critical Unreviewed
CVE-2024-29319 was published Jul 5, 2024
ShopXO Server-Side Request Forgery Vulnerability Moderate
CVE-2024-6524 was published for shopxo/shopxo (Composer) Jul 5, 2024
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream... High Unreviewed
CVE-2024-5736 was published Jul 3, 2024
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious... High Unreviewed
CVE-2024-38472 was published Jul 1, 2024
External server-side request vulnerability in MESbook 20221021.03 version, which could allow a... Critical Unreviewed
CVE-2024-6424 was published Jul 1, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed
CVE-2023-50952 was published Jun 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database