Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

532 advisories

Loading
crmeb_java v1.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Moderate Unreviewed
CVE-2024-33117 was published May 6, 2024
Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull Moderate
CVE-2024-34068 was published for github.com/pterodactyl/wings (Go) May 3, 2024
TrixterTheTux matthewpi
TwoNav 2.1.13 contains an SSRF vulnerability via the url paramater to index.php?c=api&method... Moderate Unreviewed
CVE-2024-34453 was published May 3, 2024
OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Moderate Unreviewed
CVE-2024-33832 was published Apr 30, 2024
Server-Side Request Forgery (SSRF) vulnerability in codeSavory Knowledge Base documentation &... Moderate Unreviewed
CVE-2024-33590 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This... Moderate Unreviewed
CVE-2024-33634 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This... Moderate Unreviewed
CVE-2024-33627 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto... Moderate Unreviewed
CVE-2024-33629 was published Apr 29, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio... Moderate Unreviewed
CVE-2024-33592 was published Apr 25, 2024
Server-Side Request Forgery (SSRF) vulnerability in 2day.Sk, Webikon SuperFaktura WooCommerce... Moderate Unreviewed
CVE-2024-32803 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Podlove Podlove Podcast Publisher.This issue... Moderate Unreviewed
CVE-2024-32812 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Pavex Embed Google Photos album.This issue... Moderate Unreviewed
CVE-2024-32775 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This... Moderate Unreviewed
CVE-2024-32955 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Webangon The Pack Elementor.This issue... Moderate Unreviewed
CVE-2024-32718 was published Apr 24, 2024
Server-Side Request Forgery (SSRF) vulnerability in Culqi.This issue affects Culqi: from n/a... Moderate Unreviewed
CVE-2024-32819 was published Apr 24, 2024
Apache HugeGraph-Hubble: SSRF in Hubble connection page Moderate
CVE-2024-27347 was published for org.apache.hugegraph:hugegraph-hubble (Maven) Apr 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This... Moderate Unreviewed
CVE-2024-31229 was published Apr 18, 2024
Blind SSRF Leads to Port Scan by using Webhooks Moderate
CVE-2024-29035 was published for Umbraco.Cms.Core (NuGet) Apr 17, 2024
0xRyuzak1
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed
CVE-2023-6805 was published Apr 17, 2024
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3... Moderate Unreviewed
CVE-2024-22329 was published Apr 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom... Moderate Unreviewed
CVE-2024-32454 was published Apr 15, 2024
Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects... Moderate Unreviewed
CVE-2024-32430 was published Apr 15, 2024
Mautic: MST-48 Server-Side Request Forgery in Asset section Moderate
CVE-2022-25777 was published for mautic/core (Composer) Apr 12, 2024
lenonleite
Users with low privileges can perform certain AJAX actions. In this vulnerability instance,... Moderate Unreviewed
CVE-2024-3448 was published Apr 10, 2024
Server-side request forgery (SSRF) in PingFederate allows unauthenticated http requests to attack... Moderate Unreviewed
CVE-2023-40148 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database