GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
515 advisories
The configuration file import for applications, spyware and vulnerability objects functionality...
Moderate | Unreviewed | CVE-2017-15943 was published May 13, 2022

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series,...
Moderate | Unreviewed | CVE-2019-1679 was published May 13, 2022

SSRF vulnerability due to missing permission check in Jenkins JMS Messaging Plugin
Moderate | CVE-2019-1003028 was published for org.jenkins-ci.plugins:jms-messaging (Maven) May 13, 2022

Jenkins Kanboard Plugin vulnerable to Server-side request forgery (SSRF)
Moderate | CVE-2019-1003020 was published for org.jenkins-ci.plugins:kanboard (Maven) May 13, 2022

SSRF vulnerability due to missing permission check in Jenkins OctopusDeploy Plugin
Moderate | CVE-2019-1003027 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022

Jenkins Mattermost Notification Plugin vulnerable to SSRF
Moderate | CVE-2019-1003026 was published for org.jenkins-ci.plugins:mattermost (Maven) May 13, 2022

A Server-Side Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch...
Moderate | Unreviewed | CVE-2017-6036 was published May 13, 2022

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote...
Moderate | Unreviewed | CVE-2017-18036 was published May 13, 2022

Server-side request forgery (SSRF) vulnerability in Link Preview in Synology Chat before 2.0.0...
Moderate | Unreviewed | CVE-2017-15886 was published May 13, 2022

Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station...
Moderate | Unreviewed | CVE-2017-12071 was published May 13, 2022

Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0...
Moderate | Unreviewed | CVE-2017-11148 was published May 13, 2022

Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x...
Moderate | Unreviewed | CVE-2017-11149 was published May 13, 2022

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ...
Moderate | Unreviewed | CVE-2017-3546 was published May 13, 2022

Moodle SSRF Vulnerability
Moderate | CVE-2018-1042 was published for moodle/moodle (Composer) May 14, 2022

The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and...
Moderate | Unreviewed | CVE-2017-9506 was published May 14, 2022

OX App Suite 7.8.4 and earlier allows SSRF.
Moderate | Unreviewed | CVE-2018-13103 was published May 14, 2022

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.
Moderate | Unreviewed | CVE-2018-20528 was published May 14, 2022

Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a...
Moderate | Unreviewed | CVE-2018-9920 was published May 14, 2022

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to...
Moderate | Unreviewed | CVE-2018-8801 was published May 14, 2022

The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers...
Moderate | Unreviewed | CVE-2018-15516 was published May 14, 2022

OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.
Moderate | Unreviewed | CVE-2018-12609 was published May 14, 2022

Server-side request forgery vulnerability in Jenkins Mesos Plugin
Moderate | CVE-2018-1000421 was published for org.jenkins-ci.plugins:mesos (Maven) May 14, 2022

Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability
Moderate | CVE-2018-1000422 was published for org.jenkins-ci.plugins:crowd2 (Maven) May 14, 2022

admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request...
Moderate | Unreviewed | CVE-2018-19651 was published May 14, 2022

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure...
Moderate | Unreviewed | CVE-2016-4046 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.