Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

430 advisories

Loading
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
WPS Server Side Request Forgery vulnerability High
CVE-2023-43795 was published for org.geoserver.extension:gs-wps-core (Maven) Oct 24, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2023-45966 was published Oct 23, 2023
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by... High Unreviewed
CVE-2023-46303 was published Oct 22, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
LangChain Server Side Request Forgery vulnerability High
CVE-2023-46229 was published for langchain (pip) Oct 19, 2023
Presto JDBC Server-Side Request Forgery by nextUri High
GHSA-86q5-qcjc-7pv4 was published for com.facebook.presto:presto-jdbc (Maven) Oct 3, 2023
Presto JDBC Server-Side Request Forgery by redirect High
GHSA-xm7x-f3w2-4hjm was published for com.facebook.presto:presto-jdbc (Maven) Oct 3, 2023
Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow... High Unreviewed
CVE-2023-3744 was published Oct 2, 2023
GeoNode vulnerable to SSRF Bypass to return internal host data High
CVE-2023-42439 was published for GeoNode (pip) Sep 20, 2023
ImThatT
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in... High Unreviewed
CVE-2023-3025 was published Sep 16, 2023
SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials High
CVE-2023-41937 was published for io.jenkins.plugins:bitbucket-push-and-pull-request (Maven) Sep 6, 2023
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows... High Unreviewed
CVE-2023-36088 was published Sep 1, 2023
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
Apache XML Graphics Batik Server-Side Request Forgery vulnerability High
CVE-2022-44729 was published for org.apache.xmlgraphics:batik-bridge (Maven) Aug 22, 2023
Flarum vulnerable to LFI and Blind SSRF via Avatar upload High
CVE-2023-40033 was published for flarum/core (Composer) Aug 16, 2023
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin... High Unreviewed
CVE-2023-1977 was published Aug 16, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path... High Unreviewed
CVE-2023-39110 was published Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a... High Unreviewed
CVE-2023-39109 was published Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b... High Unreviewed
CVE-2023-39108 was published Aug 1, 2023
Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows... High Unreviewed
CVE-2021-35391 was published Jul 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database