Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,498 advisories

Loading
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2025-1522 was published Apr 23, 2025
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2025-27907 was published Apr 22, 2025
IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may... Low Unreviewed
CVE-2025-2987 was published Apr 22, 2025
open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection. Low Unreviewed
CVE-2025-29446 was published Apr 21, 2025
Crawl4AI SSRF vulnerability Moderate
CVE-2025-28197 was published for Crawl4AI (pip) Apr 18, 2025
A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is... Moderate Unreviewed
CVE-2025-3787 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29456 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29453 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail... High Unreviewed
CVE-2025-29459 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add... High Unreviewed
CVE-2025-29460 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a... High Unreviewed
CVE-2025-29457 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change... High Unreviewed
CVE-2025-29458 was published Apr 18, 2025
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the ... High Unreviewed
CVE-2025-29461 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29454 was published Apr 17, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29450 was published Apr 17, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29455 was published Apr 17, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29449 was published Apr 17, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29451 was published Apr 17, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29452 was published Apr 17, 2025
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache... Moderate Unreviewed
CVE-2024-56736 was published Apr 16, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
Kyverno vulnerable to SSRF via Service Calls High
GHSA-459x-q9hg-4gpq was published for github.com/kyverno/kyverno (Go) Apr 15, 2025
r0binak
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port... Moderate Unreviewed
CVE-2025-32102 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server... Moderate Unreviewed
CVE-2025-26990 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in EPC Photography. This issue affects... Moderate Unreviewed
CVE-2025-30964 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database