GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,783
Composer 4,757
Erlang 35
GitHub Actions 29
Go 2,327
Maven 5,611
npm 3,960
NuGet 712
pip 3,741
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,478

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

340 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed

CVE-2024-40543 was published Jul 12, 2024

PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed

CVE-2024-40544 was published Jul 12, 2024

Microsoft SharePoint Server Information Disclosure Vulnerability High Unreviewed

CVE-2024-32987 was published Jul 9, 2024

Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz:... High Unreviewed

CVE-2024-37260 was published Jul 6, 2024

Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream... High Unreviewed

CVE-2024-5736 was published Jul 3, 2024

SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious... High Unreviewed

CVE-2024-38472 was published Jul 1, 2024

stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The... High Unreviewed

CVE-2024-5885 was published Jun 27, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of... High Unreviewed

CVE-2024-5822 was published Jun 27, 2024

The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was... High Unreviewed

CVE-2024-34581 was published Jun 26, 2024

In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI... High Unreviewed

CVE-2024-5015 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability... High Unreviewed

CVE-2024-5014 was published Jun 25, 2024

A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2024-5746 was published Jun 21, 2024

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed

CVE-2024-4404 was published Jun 14, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,... High Unreviewed

CVE-2024-5328 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez... High Unreviewed

CVE-2024-5186 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,... High Unreviewed

CVE-2024-4851 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the... High Unreviewed

CVE-2024-5482 was published Jun 6, 2024

A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server... High Unreviewed

CVE-2024-4177 was published Jun 6, 2024

A vulnerability in the web-based management interface of Cisco Finesse could allow an... High Unreviewed

CVE-2024-20404 was published Jun 5, 2024

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call... High Unreviewed

CVE-2024-5526 was published Jun 5, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs... High Unreviewed

CVE-2024-4084 was published Jun 5, 2024

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.5.0 does not prevent users with... High Unreviewed

CVE-2024-4469 was published May 31, 2024

The Memberpress plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all... High Unreviewed

CVE-2024-5031 was published May 22, 2024

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4... High Unreviewed

CVE-2024-33250 was published May 14, 2024

The PDF Invoices & Packing Slips for WooCommerce plugin for WordPress is vulnerable to Server... High Unreviewed

CVE-2024-3047 was published May 2, 2024

Previous 1 2 3 4 5 6 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

340 advisories