GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,828
Composer 4,768
Erlang 35
GitHub Actions 29
Go 2,332
Maven 5,625
npm 3,965
NuGet 713
pip 3,748
Pub 12
RubyGems 921
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 258,989

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,081 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The 'wp_ajax_boost_proxy_ig' action allows administrators to make GET requests to arbitrary URLs. Critical Unreviewed

CVE-2024-6584 was published May 15, 2025

A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0... Moderate Unreviewed

CVE-2023-48786 was published Jun 10, 2025

Under certain conditions, SAP Business Objects Business Intelligence Platform allows an... Low Unreviewed

CVE-2025-42988 was published Jun 10, 2025

Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Car Repair Services allows... Moderate Unreviewed

CVE-2025-30997 was published Jun 6, 2025

Server-Side Request Forgery (SSRF) vulnerability in wpdive Nexa Blocks allows Server Side Request... Moderate Unreviewed

CVE-2025-30976 was published Jun 6, 2025

Server-Side Request Forgery (SSRF) vulnerability in ShawonPro SocialMark allows Server Side... Moderate Unreviewed

CVE-2025-29008 was published Jun 6, 2025

Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber... Moderate Unreviewed

CVE-2025-48962 was published Jun 4, 2025

A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This... Moderate Unreviewed

CVE-2025-5510 was published Jun 3, 2025

A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to... Moderate Unreviewed

CVE-2024-7073 was published Jun 2, 2025

A server-side request forgery vulnerability exists in HPE StoreOnce Software. Moderate Unreviewed

CVE-2025-37090 was published Jun 2, 2025

Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery ... Critical Unreviewed

CVE-2021-31531 was published May 24, 2022

An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application... Moderate Unreviewed

CVE-2019-6516 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. Critical Unreviewed

CVE-2019-3905 was published May 14, 2022

An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail... Moderate Unreviewed

CVE-2020-15594 was published May 24, 2022

An issue was discovered in WSO2 API Manager 2.6.0. It is possible to force the application to... Moderate Unreviewed

CVE-2019-6512 was published May 24, 2022

maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link... Moderate Unreviewed

CVE-2025-45475 was published May 27, 2025

A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects... Moderate Unreviewed

CVE-2025-5327 was published May 29, 2025

Esri Portal for ArcGIS 11.4 and prior allows a remote, unauthenticated attacker to bypass the... Critical Unreviewed

CVE-2025-4967 was published May 29, 2025

maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings. High Unreviewed

CVE-2025-45474 was published May 29, 2025

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical.... Moderate Unreviewed

CVE-2025-5186 was published May 26, 2025

A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System... Moderate Unreviewed

CVE-2025-5140 was published May 25, 2025

A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3... Moderate Unreviewed

CVE-2025-48739 was published May 23, 2025

SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials... High Unreviewed

CVE-2024-13957 was published May 22, 2025

The WP STAGING WordPress Backup Plugin WordPress plugin before 3.5.0 does not prevent users with... High Unreviewed

CVE-2024-4469 was published May 31, 2024

Book Stack version 23.10.2 allows filtering local files on the server. This is possible because... High Unreviewed

CVE-2023-6199 was published Nov 21, 2023

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,081 advisories