GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
663 advisories
langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the...
Moderate | Unreviewed | CVE-2024-12775 was published on Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt...
Moderate | Unreviewed | CVE-2025-0188 was published on Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10...
Moderate | Unreviewed | CVE-2025-0184 was published on Mar 20, 2025
composio Server-Side Request Forgery (SSRF) vulnerability
Moderate | CVE-2024-8952 was published for composio-core (pip) on Mar 20, 2025
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary...
Moderate | Unreviewed | CVE-2024-10524 was published on Nov 19, 2024
Apache Druid vulnerable to Server-Side Request Forgery, Cross-site Scripting, Open Redirect
Moderate | CVE-2025-27888 was published for org.apache.druid:druid (Maven) on Mar 20, 2025
The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-13856 was published on Mar 22, 2025
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5...
Moderate | Unreviewed | CVE-2024-10206 was published on Mar 25, 2025
A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5...
Moderate | Unreviewed | CVE-2024-10207 was published on Mar 25, 2025
The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-2109 was published on Mar 25, 2025
The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
Moderate | Unreviewed | CVE-2024-13411 was published on Mar 26, 2025
A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic....
Moderate | Unreviewed | CVE-2025-2835 was published on Mar 27, 2025
Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side...
Moderate | Unreviewed | CVE-2025-30914 was published on Mar 27, 2025
Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for...
Moderate | Unreviewed | CVE-2025-22672 was published on Mar 27, 2025
Haven 5d15944 allows Server-Side Request Forgery (SSRF) via the feed[url]= Feeds functionality....
Moderate | Unreviewed | CVE-2023-24060 was published on Jan 27, 2023
Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP allows...
Moderate | Unreviewed | CVE-2025-31076 was published on Mar 28, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side...
Moderate | Unreviewed | CVE-2025-31527 was published on Mar 31, 2025
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical....
Moderate | Unreviewed | CVE-2025-2997 was published on Mar 31, 2025
OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers.
Moderate | Unreviewed | CVE-2025-28096 was published on Mar 29, 2025
ShopXO Vulnerable to Server-Side Request Forgery (SSRF) via Image Upload
Moderate | CVE-2025-28092 was published for shopxo/shopxo (Composer) on Mar 29, 2025
ShopXO Vulnerable to Server-Side Request Forgery (SSRF) via Email Settings
Moderate | CVE-2025-28093 was published for shopxo/shopxo (Composer) on Mar 29, 2025
ShopXO Vulnerable to Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS)
Moderate | CVE-2025-28094 was published for shopxo/shopxo (Composer) on Mar 29, 2025
Server-Side Request Forgery (SSRF) vulnerability in TheInnovs Team ElementsCSS Addons for...
Moderate | Unreviewed | CVE-2025-31796 was published on Apr 1, 2025
Server-Side Request Forgery (SSRF) vulnerability in Wombat Plugins WP Optin Wheel allows Server...
Moderate | Unreviewed | CVE-2025-31824 was published on Apr 1, 2025
The Pz-LinkCard WordPress plugin through 2.5.1 does not prevent users from pinging arbitrary...
Moderate | Unreviewed | CVE-2024-0677 was published on Mar 28, 2024