Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

880 advisories

Loading
The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed
CVE-2024-4404 was published Jun 14, 2024
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed
CVE-2025-21385 was published Jan 10, 2025
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed
CVE-2024-53705 was published Jan 9, 2025
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2024-13195 was published Jan 9, 2025
I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due... Critical Unreviewed
CVE-2024-54819 was published Jan 7, 2025
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22215 was published Jan 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player... Moderate Unreviewed
CVE-2024-56279 was published Jan 7, 2025
Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed
CVE-2024-56275 was published Jan 7, 2025
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-13139 was published Jan 5, 2025
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server... Moderate Unreviewed
CVE-2024-12237 was published Jan 4, 2025
A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed
CVE-2024-55082 was published Dec 19, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-41040 was published Oct 4, 2022
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API... Critical Unreviewed
CVE-2024-10044 was published Dec 30, 2024
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected... Moderate Unreviewed
CVE-2024-13032 was published Dec 30, 2024
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2... Moderate Unreviewed
CVE-2024-13029 was published Dec 30, 2024
A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed
CVE-2024-50714 was published Dec 28, 2024
A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic.... Moderate Unreviewed
CVE-2024-12989 was published Dec 27, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
A server-side request forgery exists in Satellite. When a PUT HTTP request is made to ... Moderate Unreviewed
CVE-2024-12840 was published Dec 20, 2024
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-49336 was published Dec 19, 2024
The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed
CVE-2024-12121 was published Dec 19, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a... Moderate Unreviewed
CVE-2023-21105 was published Jun 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database