Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

1,193 advisories

Loading
Oxide control plane software before 5 allows SSRF. Critical Unreviewed
CVE-2023-50913 was published Dec 5, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability... Critical Unreviewed
CVE-2024-48874 was published Dec 6, 2024
Adobe Document Service allows an attacker with administrator privileges to send a crafted request... Critical Unreviewed
CVE-2024-47578 was published Dec 10, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
http4k has a potential XXE (XML External Entity Injection) vulnerability Critical
CVE-2024-55875 was published for org.http4k:http4k-format-xml (Maven) Dec 12, 2024
JAckLosingHeart
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed
CVE-2024-11836 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed
CVE-2024-54330 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed
CVE-2024-54385 was published Dec 16, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2024-9624 was published Dec 17, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
The Broken Link Checker | Finder plugin for WordPress is vulnerable to Blind Server-Side Request... Moderate Unreviewed
CVE-2024-12121 was published Dec 19, 2024
A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed
CVE-2024-55082 was published Dec 19, 2024
QOS.CH logback-core Server-Side Request Forgery vulnerability Low
CVE-2024-12801 was published for ch.qos.logback:logback-core (Maven) Dec 19, 2024
HTHou pjfanning
IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-49336 was published Dec 19, 2024
A server-side request forgery exists in Satellite. When a PUT HTTP request is made to ... Moderate Unreviewed
CVE-2024-12840 was published Dec 20, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic.... Moderate Unreviewed
CVE-2024-12989 was published Dec 27, 2024
A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed
CVE-2024-50714 was published Dec 28, 2024
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2... Moderate Unreviewed
CVE-2024-13029 was published Dec 30, 2024
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected... Moderate Unreviewed
CVE-2024-13032 was published Dec 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the POST /worker_generate_stream API... Critical Unreviewed
CVE-2024-10044 was published Dec 30, 2024
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server... Moderate Unreviewed
CVE-2024-12237 was published Jan 4, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-13139 was published Jan 5, 2025
Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed
CVE-2024-56275 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database