Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

399 advisories

Loading
Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Comment Edit Core – Simple... Moderate Unreviewed
CVE-2025-24703 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server... Moderate Unreviewed
CVE-2025-24695 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side... Moderate Unreviewed
CVE-2025-24701 was published Jan 24, 2025
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the... Moderate Unreviewed
CVE-2024-5917 was published Nov 14, 2024
The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed
CVE-2024-11913 was published Jan 24, 2025
A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed
CVE-2024-43710 was published Jan 23, 2025
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery... Moderate Unreviewed
CVE-2024-13360 was published Jan 22, 2025
The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated... Moderate Unreviewed
CVE-2025-0584 was published Jan 20, 2025
OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can... Moderate Unreviewed
CVE-2024-57252 was published Jan 17, 2025
The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up... Moderate Unreviewed
CVE-2024-1978 was published Feb 29, 2024
The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed
CVE-2024-1568 was published Feb 28, 2024
A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the... Moderate Unreviewed
CVE-2025-0480 was published Jan 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash... Moderate Unreviewed
CVE-2025-22346 was published Jan 15, 2025
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed
CVE-2023-6805 was published Apr 17, 2024
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2024-13195 was published Jan 9, 2025
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22215 was published Jan 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player... Moderate Unreviewed
CVE-2024-56279 was published Jan 7, 2025
Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed
CVE-2024-56275 was published Jan 7, 2025
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-13139 was published Jan 5, 2025
The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server... Moderate Unreviewed
CVE-2024-12237 was published Jan 4, 2025
A vulnerability classified as problematic was found in Antabot White-Jotter up to 0.2.2. Affected... Moderate Unreviewed
CVE-2024-13032 was published Dec 30, 2024
A vulnerability, which was classified as problematic, was found in Antabot White-Jotter up to 0.2... Moderate Unreviewed
CVE-2024-13029 was published Dec 30, 2024
A vulnerability was found in WISI Tangram GT31 up to 20241214 and classified as problematic.... Moderate Unreviewed
CVE-2024-12989 was published Dec 27, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an... Moderate Unreviewed
CVE-2024-51463 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database