Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

663 advisories

Loading
In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains... Moderate Unreviewed
CVE-2024-12450 was published Mar 20, 2025
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects... Moderate Unreviewed
CVE-2024-32430 was published Apr 15, 2024
A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an... Moderate Unreviewed
CVE-2025-2243 was published Apr 4, 2025
A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update... Moderate Unreviewed
CVE-2025-2245 was published Apr 4, 2025
A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-1548 was published Feb 21, 2025
A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-3254 was published Apr 4, 2025
In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in... Moderate Unreviewed
CVE-2025-32358 was published Apr 5, 2025
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308.... Moderate Unreviewed
CVE-2025-3411 was published Apr 8, 2025
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308.... Moderate Unreviewed
CVE-2025-3412 was published Apr 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in Jan Boddez IndieBlocks allows Server Side... Moderate Unreviewed
CVE-2025-31009 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request... Moderate Unreviewed
CVE-2025-32487 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in QuantumCloud SEO Help allows Server Side... Moderate Unreviewed
CVE-2025-32675 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows... Moderate Unreviewed
CVE-2025-32691 was published Apr 9, 2025
DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF) Moderate
CVE-2025-32372 was published for DotNetNuke.Core (NuGet) Apr 9, 2025
s0nnyWT valadas
david-poindexter
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web... Moderate Unreviewed
CVE-2025-22374 was published Apr 10, 2025
SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF) Moderate
GHSA-5q9x-554g-9jgg was published for surrealdb (Rust) Apr 11, 2025
cure53
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request... Moderate Unreviewed
CVE-2022-45027 was published Jan 1, 2023
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed
CVE-2025-29720 was published Apr 14, 2025
Server-Side Request Forgery (SSRF) vulnerability in EPC Photography. This issue affects... Moderate Unreviewed
CVE-2025-30964 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server... Moderate Unreviewed
CVE-2025-26990 was published Apr 15, 2025
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port... Moderate Unreviewed
CVE-2025-32102 was published Apr 15, 2025
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending... Moderate Unreviewed
CVE-2025-0539 was published Apr 10, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache... Moderate Unreviewed
CVE-2024-56736 was published Apr 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database