GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,138
Composer 4,333
Erlang 31
GitHub Actions 21
Go 2,094
Maven 5,263
npm 3,759
NuGet 678
pip 3,445
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,311

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

893 advisories

Filter by severity

Sort by

Least recently updated

An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit... Low Unreviewed

CVE-2023-45705 was published Mar 28, 2024

A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed

CVE-2024-43710 was published Jan 23, 2025

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. ... Low Unreviewed

CVE-2024-42182 was published Jan 23, 2025

The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery... Moderate Unreviewed

CVE-2024-13360 was published Jan 22, 2025

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated... Moderate Unreviewed

CVE-2025-0584 was published Jan 20, 2025

OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can... Moderate Unreviewed

CVE-2024-57252 was published Jan 17, 2025

The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up... Moderate Unreviewed

CVE-2024-1978 was published Feb 29, 2024

The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed

CVE-2024-1568 was published Feb 28, 2024

A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the... Moderate Unreviewed

CVE-2025-0480 was published Jan 15, 2025

Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash... Moderate Unreviewed

CVE-2025-22346 was published Jan 15, 2025

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed

CVE-2025-0474 was published Jan 14, 2025

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed

CVE-2023-6805 was published Apr 17, 2024

Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed

CVE-2025-23082 was published Jan 14, 2025

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed

CVE-2024-4404 was published Jun 14, 2024

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed

CVE-2025-21385 was published Jan 10, 2025

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed

CVE-2024-53705 was published Jan 9, 2025

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed

CVE-2024-13195 was published Jan 9, 2025

I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due... Critical Unreviewed

CVE-2024-54819 was published Jan 7, 2025

VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed

CVE-2025-22215 was published Jan 8, 2025

Server-Side Request Forgery (SSRF) vulnerability in Tips and Tricks HQ Compact WP Audio Player... Moderate Unreviewed

CVE-2024-56279 was published Jan 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed

CVE-2024-56275 was published Jan 7, 2025

The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed

CVE-2024-11168 was published Nov 13, 2024

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue... Moderate Unreviewed

CVE-2024-13139 was published Jan 5, 2025

The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server... Moderate Unreviewed

CVE-2024-12237 was published Jan 4, 2025

A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed

CVE-2024-55082 was published Dec 19, 2024

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

893 advisories