Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

517 advisories

Loading
LinkStack 2.7.9 through 4.7.7 allows resources\views\components\favicon.blade.php link SSRF. Moderate Unreviewed
CVE-2024-35451 was published Nov 29, 2024
Backstage Scaffolder plugin vulnerable to Server-Side Request Forgery Moderate
CVE-2024-53983 was published for @backstage/plugin-scaffolder-node (npm) Dec 2, 2024
crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Moderate Unreviewed
CVE-2024-33117 was published May 6, 2024
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-45119 was published for magento/community-edition (Composer) Oct 10, 2024
An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail... Moderate Unreviewed
CVE-2020-15594 was published May 24, 2022
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a... Moderate Unreviewed
CVE-2023-21105 was published Jun 15, 2023
The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed
CVE-2024-12121 was published Dec 19, 2024
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-49336 was published Dec 19, 2024
A server-side request forgery exists in Satellite. When a PUT HTTP request is made to ... Moderate Unreviewed
CVE-2024-12840 was published Dec 20, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic.... Moderate Unreviewed
CVE-2024-12989 was published Dec 27, 2024
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2... Moderate Unreviewed
CVE-2024-13029 was published Dec 30, 2024
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected... Moderate Unreviewed
CVE-2024-13032 was published Dec 30, 2024
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server... Moderate Unreviewed
CVE-2024-12237 was published Jan 4, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-13139 was published Jan 5, 2025
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed
CVE-2024-56275 was published Jan 7, 2025
Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player... Moderate Unreviewed
CVE-2024-56279 was published Jan 7, 2025
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22215 was published Jan 8, 2025
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2024-13195 was published Jan 9, 2025
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed
CVE-2023-6805 was published Apr 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash... Moderate Unreviewed
CVE-2025-22346 was published Jan 15, 2025
A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the... Moderate Unreviewed
CVE-2025-0480 was published Jan 15, 2025
Server-Side Forgery Request can be activated unmarshalling with XStream Moderate
CVE-2020-26258 was published for com.thoughtworks.xstream:xstream (Maven) Dec 21, 2020
vulnerability-analyst
The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed
CVE-2024-1568 was published Feb 28, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database