GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
479 advisories
WPS Server Side Request Forgery vulnerability
Severity: High. CVE-2023-43795 was published for org.geoserver.extension:gs-wps-core (Maven), Oct 24, 2023.

Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0.
Severity: High (Unreviewed). CVE-2023-3188 was published Jun 10, 2023.

The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up...
Severity: High (Unreviewed). CVE-2022-3708 was published Oct 29, 2022.

Gogs and Gitea SSRF Vulnerability
Severity: High. CVE-2018-15192 was published for code.gitea.io/gitea (Go), May 14, 2022.

Presto JDBC Server-Side Request Forgery by nextUri
Severity: High. GHSA-86q5-qcjc-7pv4 was published for com.facebook.presto:presto-jdbc (Maven), Oct 3, 2023.

Presto JDBC Server-Side Request Forgery by redirect
Severity: High. GHSA-xm7x-f3w2-4hjm was published for com.facebook.presto:presto-jdbc (Maven), Oct 3, 2023.

Server-Side Request Forgery in snipe/snipe-it
Severity: High. CVE-2021-4075 was published for snipe/snipe-it (Composer), Dec 10, 2021.

Server-Side Request Forgery in @uppy/companion
Severity: High. CVE-2020-8205 was published for @uppy/companion (npm), Aug 13, 2020.

Shopware vulnerable to SSRF
Severity: High. CVE-2020-13970 was published for shopware/platform (Composer), May 24, 2022.

Umbraco CMS vulnerable to CSRF
Severity: High. CVE-2015-8813 was published for Umbraco.CMS (NuGet), May 17, 2022.

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE...
Severity: High (Unreviewed). CVE-2021-31950 was published May 24, 2022.

SSRF in Kitodo.Presentation
Severity: High. CVE-2022-24980 was published for kitodo/presentation (Composer), Feb 20, 2022.

NocoDB information disclosure vulnerability
Severity: High. CVE-2022-2062 was published for nocodb (npm), Jun 14, 2022.

Incorrect Authorization in @uppy/companion
Severity: High. CVE-2022-0528 was published for @uppy/companion (npm), Mar 4, 2022.

forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
Severity: High (Unreviewed). CVE-2023-27160 was published Mar 31, 2023.

SvelteKit framework has Insufficient CSRF protection for CORS requests
Severity: High. CVE-2023-29008 was published for @sveltejs/kit (npm), Apr 7, 2023.

Appwrite Server-Side Request Forgery vulnerability
Severity: High. CVE-2023-27159 was published for appwrite/server-ce (Composer), Mar 31, 2023.

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract....
Severity: High (Unreviewed). CVE-2023-25195 was published Mar 28, 2023.

Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
Severity: High (Unreviewed). CVE-2023-27161 was published Mar 10, 2023.

Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows...
Severity: High (Unreviewed). CVE-2023-1725 was published Mar 30, 2023.

In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an...
Severity: High (Unreviewed). CVE-2023-27271 was published Mar 14, 2023.

Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701...
Severity: High (Unreviewed). CVE-2023-26459 was published Mar 14, 2023.

In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control...
Severity: High (Unreviewed). CVE-2023-27896 was published Mar 14, 2023.

Moodle vulnerable to Server-Side Request Forgery
Severity: High. CVE-2021-36396 was published for moodle/moodle (Composer), Mar 6, 2023.

GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1...
Severity: High (Unreviewed). CVE-2018-19571 was published May 24, 2022.