GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,424

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Filter by severity

Sort by

Least recently updated

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed

CVE-2024-4404 was published Jun 14, 2024

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed

CVE-2025-21385 was published Jan 10, 2025

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed

CVE-2024-53705 was published Jan 9, 2025

A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed

CVE-2024-55082 was published Dec 19, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability. High Unreviewed

CVE-2022-41040 was published Oct 4, 2022

A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed

CVE-2024-50714 was published Dec 28, 2024

Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed

CVE-2024-12867 was published Dec 20, 2024

In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed

CVE-2024-55086 was published Dec 18, 2024

The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed

CVE-2024-9624 was published Dec 17, 2024

Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed

CVE-2024-54385 was published Dec 16, 2024

Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed

CVE-2024-54330 was published Dec 13, 2024

Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed

CVE-2024-11836 was published Dec 13, 2024

SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed

CVE-2024-54197 was published Dec 10, 2024

Server-Side Request Forgery vulnerabilities were found providing a potential for access to... High Unreviewed

CVE-2024-6784 was published Dec 5, 2024

PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed

CVE-2024-9710 was published Nov 22, 2024

A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting... High Unreviewed

CVE-2021-3742 was published Nov 15, 2024

The CloudStack management server and secondary storage VM could be tricked into making requests... High Unreviewed

CVE-2024-29007 was published Apr 4, 2024

Adobe Commerce versions 3.2.5 and earlier are affected by a Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2024-49521 was published Nov 12, 2024

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can... High Unreviewed

CVE-2024-48951 was published Nov 7, 2024

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4... High Unreviewed

CVE-2024-33250 was published May 14, 2024

AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests... High Unreviewed

CVE-2024-51408 was published Nov 4, 2024

Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed

CVE-2024-48360 was published Oct 31, 2024

newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed

CVE-2024-48178 was published Oct 28, 2024

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-32407 was published Apr 22, 2024

An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed

CVE-2024-45518 was published Oct 22, 2024

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

299 advisories