GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,424 advisories
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side...
High | Unreviewed | CVE-2024-13923 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10...
Moderate | Unreviewed | CVE-2025-0184 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt...
Moderate | Unreviewed | CVE-2025-0188 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of...
High | Unreviewed | CVE-2025-0454 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API...
Critical | Unreviewed | CVE-2024-9309 was published Mar 20, 2025

composio Server-Side Request Forgery (SSRF) vulnerability
Moderate | CVE-2024-8952 was published for composio-core (pip) Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna...
High | Unreviewed | CVE-2024-8099 was published Mar 20, 2025

Open WebUI has SSRF in /openai/models
High | CVE-2024-7959 was published for open-webui (pip) Mar 20, 2025

comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2024-12882 was published Mar 20, 2025

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2024-12766 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0....
Moderate | Unreviewed | CVE-2024-12779 was published Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability
High | CVE-2024-12376 was published for fschat (pip) Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version...
Moderate | Unreviewed | CVE-2024-12392 was published Mar 20, 2025

In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains...
Moderate | Unreviewed | CVE-2024-12450 was published Mar 20, 2025

langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the...
Moderate | Unreviewed | CVE-2024-12775 was published Mar 20, 2025

A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request...
High | Unreviewed | CVE-2024-11449 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting...
High | Unreviewed | CVE-2024-12068 was published Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability
High | CVE-2024-11603 was published for fschat (pip) Mar 20, 2025

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The...
Moderate | Unreviewed | CVE-2024-11822 was published Mar 20, 2025

GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability...
High | Unreviewed | CVE-2024-11030 was published Mar 20, 2025

Multiple Server-Side Request Forgery (SSRF) vulnerabilities were identified in the significant...
Moderate | Unreviewed | CVE-2024-10457 was published Mar 20, 2025

IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This...
Moderate | Unreviewed | CVE-2024-49822 was published Mar 18, 2025

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a...
Moderate | Unreviewed | CVE-2025-22474 was published Mar 17, 2025

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin...
Moderate | Unreviewed | CVE-2024-13838 was published Mar 12, 2025

Rembg allows SSRF via /api/remove
Moderate | CVE-2025-25301 was published for rembg (pip) Mar 11, 2025