Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

525 advisories

Loading
Keyoti SearchUnit prior to 9.0.0. is vulnerable to Server-Side Request Forgery (SSRF) in ... Moderate Unreviewed
CVE-2025-44043 was published Jun 10, 2025
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise)... Moderate Unreviewed
CVE-2025-30679 was published Jun 17, 2025
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise)... Moderate Unreviewed
CVE-2025-30678 was published Jun 17, 2025
Server-Side Request Forgery (SSRF) vulnerability in Metagauss ProfileGrid allows Server Side... Moderate Unreviewed
CVE-2025-49877 was published Jun 17, 2025
A vulnerability was found in Intera InHire up to 20250530. It has been declared as critical.... Moderate Unreviewed
CVE-2025-6142 was published Jun 17, 2025
The application is vulnerable to Server-Side Request Forgery (SSRF). An endpoint can be used to... Moderate Unreviewed
CVE-2025-49190 was published Jun 12, 2025
A server-side request forgery vulnerability [CWE-918] in Fortinet FortiClientEMS version 7.4.0... Moderate Unreviewed
CVE-2023-48786 was published Jun 10, 2025
Server-Side Request Forgery (SSRF) vulnerability in SmartDataSoft Car Repair Services allows... Moderate Unreviewed
CVE-2025-30997 was published Jun 6, 2025
Server-Side Request Forgery (SSRF) vulnerability in wpdive Nexa Blocks allows Server Side Request... Moderate Unreviewed
CVE-2025-30976 was published Jun 6, 2025
Server-Side Request Forgery (SSRF) vulnerability in ShawonPro SocialMark allows Server Side... Moderate Unreviewed
CVE-2025-29008 was published Jun 6, 2025
Sensitive information disclosure due to SSRF. The following products are affected: Acronis Cyber... Moderate Unreviewed
CVE-2025-48962 was published Jun 4, 2025
A vulnerability classified as critical was found in quequnlong shiyi-blog up to 1.2.1. This... Moderate Unreviewed
CVE-2025-5510 was published Jun 3, 2025
A server-side request forgery (SSRF) vulnerability exists in multiple WSO2 products due to... Moderate Unreviewed
CVE-2024-7073 was published Jun 2, 2025
A server-side request forgery vulnerability exists in HPE StoreOnce Software. Moderate Unreviewed
CVE-2025-37090 was published Jun 2, 2025
An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application... Moderate Unreviewed
CVE-2019-6516 was published May 24, 2022
An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. The mail... Moderate Unreviewed
CVE-2020-15594 was published May 24, 2022
An issue was discovered in WSO2 API Manager 2.6.0. It is possible to force the application to... Moderate Unreviewed
CVE-2019-6512 was published May 24, 2022
maccms10 v2025.1000.4047 is vulnerable to Server-Side request forgery (SSRF) in Friend Link... Moderate Unreviewed
CVE-2025-45475 was published May 27, 2025
A vulnerability was found in chshcms mccms 2.7. It has been classified as critical. This affects... Moderate Unreviewed
CVE-2025-5327 was published May 29, 2025
A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical.... Moderate Unreviewed
CVE-2025-5186 was published May 26, 2025
A vulnerability classified as critical has been found in Seeyon Zhiyuan OA Web Application System... Moderate Unreviewed
CVE-2025-5140 was published May 25, 2025
A Server-Side Request Forgery (SSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3... Moderate Unreviewed
CVE-2025-48739 was published May 23, 2025
The Page Builder Gutenberg Blocks WordPress plugin before 3.1.12 does not prevent users from... Moderate Unreviewed
CVE-2024-4260 was published Jul 23, 2024
The Broken Link Checker WordPress plugin before 2.4.2 does not validate a the link URLs before... Moderate Unreviewed
CVE-2024-10903 was published Dec 26, 2024
The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed
CVE-2024-13940 was published May 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database