Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,419
Maven
5,000+
npm
4,055
NuGet
723
pip
3,847
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,496 advisories

Loading
A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna... High Unreviewed
CVE-2024-8099 was published Mar 20, 2025
Open WebUI has SSRF in /openai/models High
CVE-2024-7959 was published for open-webui (pip) Mar 20, 2025
comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-12882 was published Mar 20, 2025
langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the... Moderate Unreviewed
CVE-2024-12775 was published Mar 20, 2025
parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-12766 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version... Moderate Unreviewed
CVE-2024-12392 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0.... Moderate Unreviewed
CVE-2024-12779 was published Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability High
CVE-2024-12376 was published for fschat (pip) Mar 20, 2025
In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains... Moderate Unreviewed
CVE-2024-12450 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting... High Unreviewed
CVE-2024-12068 was published Mar 20, 2025
A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request... High Unreviewed
CVE-2024-11449 was published Mar 20, 2025
FastChat Server-Side Request Forgery vulnerability High
CVE-2024-11603 was published for fschat (pip) Mar 20, 2025
langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The... Moderate Unreviewed
CVE-2024-11822 was published Mar 20, 2025
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11030 was published Mar 20, 2025
In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11031 was published Mar 20, 2025
Multiple Server-Side Request Forgery (SSRF) vulnerabilities were identified in the significant... Moderate Unreviewed
CVE-2024-10457 was published Mar 20, 2025
IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed
CVE-2024-49822 was published Mar 18, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a... Moderate Unreviewed
CVE-2025-22474 was published Mar 17, 2025
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin... Moderate Unreviewed
CVE-2024-13838 was published Mar 12, 2025
Rembg allows SSRF via /api/remove Moderate
CVE-2025-25301 was published for rembg (pip) Mar 11, 2025
A vulnerability, which was classified as problematic, was found in Stoque Zeev.it 4.24. This... Moderate Unreviewed
CVE-2025-2192 was published Mar 11, 2025
Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center)... Low Unreviewed
CVE-2025-27430 was published Mar 11, 2025
A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media... Moderate Unreviewed
CVE-2025-2116 was published Mar 9, 2025
The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed
CVE-2024-13924 was published Mar 8, 2025
A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If... Moderate Unreviewed
CVE-2024-53696 was published Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database