GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
423 advisories
Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may...
High | Unreviewed | CVE-2021-21975 was published May 24, 2022

An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics...
High | Unreviewed | CVE-2020-22002 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
High | Unreviewed | CVE-2021-31910 was published May 24, 2022

Server-Side request forgery (SSRF) vulnerability in task management component in Synology...
High | Unreviewed | CVE-2021-33184 was published May 24, 2022

A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1...
High | Unreviewed | CVE-2020-20582 was published May 24, 2022

Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer...
High | Unreviewed | CVE-2020-24149 was published May 24, 2022

SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server...
High | Unreviewed | CVE-2020-23079 was published May 24, 2022

Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built...
High | Unreviewed | CVE-2021-31216 was published May 24, 2022

A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 /...
High | Unreviewed | CVE-2021-22726 was published May 24, 2022

An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion,...
High | Unreviewed | CVE-2020-14160 was published May 24, 2022

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in...
High | Unreviewed | CVE-2021-22027 was published May 24, 2022

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in...
High | Unreviewed | CVE-2021-22026 was published May 24, 2022

YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function.
High | Unreviewed | CVE-2020-20341 was published May 24, 2022

On version 16.0.x before 16.0.1.2, insufficient permission checks may allow authenticated users...
High | Unreviewed | CVE-2021-23029 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 contains basic SSRF vulnerability. It allow...
High | Unreviewed | CVE-2021-28910 was published May 24, 2022

The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews...
High | Unreviewed | CVE-2021-33705 was published May 24, 2022

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can...
High | Unreviewed | CVE-2021-41586 was published May 24, 2022

In Gradle Enterprise before 2021.1.3, an attacker with the ability to perform SSRF attacks can...
High | Unreviewed | CVE-2021-41587 was published May 24, 2022

There is a server-side request forgery vulnerability in HUAWEI P40 versions 10.1.0.118...
High | Unreviewed | CVE-2021-37104 was published May 24, 2022

In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vulnerability in Gitea...
High | Unreviewed | CVE-2021-39867 was published May 24, 2022

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index...
High | Unreviewed | CVE-2020-21649 was published May 24, 2022

A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could...
High | Unreviewed | CVE-2022-36451 was published Oct 25, 2022

IBM Jazz Team Server products is vulnerable to server-side request forgery (SSRF). This may allow...
High | Unreviewed | CVE-2021-29844 was published May 24, 2022

An issue was discovered in the pixxio (aka pixx.io integration or DAM) extension before 1.0.6 for...
High | Unreviewed | CVE-2021-43562 was published May 24, 2022

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4...
High | Unreviewed | CVE-2022-38931 was published Sep 21, 2022