GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,150
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,268
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,653

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,199 advisories

Filter by severity

Sort by

Least recently updated

An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-51358 was published Nov 6, 2024

An issue was discovered in Logpoint before 7.5.0. Server-Side Request Forgery (SSRF) on SOAR can... High Unreviewed

CVE-2024-48951 was published Nov 7, 2024

gradio Server Side Request Forgery vulnerability Moderate

CVE-2024-48052 was published for gradio (pip) Nov 5, 2024

There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3,... Moderate Unreviewed

CVE-2023-31456 was published Jul 16, 2024

An issue in Open-Source Technology Committee SRS real-time video server RS/4.0.268(Leo) and SRS/4... High Unreviewed

CVE-2024-33250 was published May 14, 2024

AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests... High Unreviewed

CVE-2024-51408 was published Nov 4, 2024

Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin.This issue affects... Moderate Unreviewed

CVE-2024-39637 was published Aug 2, 2024

Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows... Moderate Unreviewed

CVE-2024-51665 was published Nov 4, 2024

Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed

CVE-2024-48360 was published Oct 31, 2024

xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data... Moderate Unreviewed

CVE-2024-48346 was published Oct 30, 2024

A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier... Moderate Unreviewed

CVE-2024-51242 was published Oct 30, 2024

newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed

CVE-2024-48178 was published Oct 28, 2024

An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool... Moderate Unreviewed

CVE-2024-48232 was published Oct 25, 2024

SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows... Moderate Unreviewed

CVE-2024-48107 was published Oct 28, 2024

An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute... Moderate Unreviewed

CVE-2024-48450 was published Oct 25, 2024

An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php... Moderate Unreviewed

CVE-2024-48234 was published Oct 26, 2024

Butterfly has path/URL confusion in resource handling leading to multiple weaknesses Critical

CVE-2024-47883 was published for org.openrefine.dependencies:butterfly (Maven) Oct 24, 2024

Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job... Critical Unreviewed

CVE-2023-48022 was published Nov 28, 2023

Recurly vulnerable to SSRF Critical

CVE-2017-0906 was published for recurly (pip) Jan 4, 2019

Server-side Request Forgery (SSRF) via img tags in reportlab High

CVE-2020-28463 was published for reportlab (pip) Mar 29, 2021

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-32407 was published Apr 22, 2024

An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed

CVE-2024-45518 was published Oct 22, 2024

Server-Side Request Forgery in Plone Moderate

CVE-2021-33510 was published for Plone (pip) Jun 15, 2021

Server-Side Request Forgery in Plone High

CVE-2021-33511 was published for Plone (pip) Jun 15, 2021

Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects... Moderate Unreviewed

CVE-2024-49312 was published Oct 17, 2024

Previous 1 2 3 4 5 6 7 … 47 48 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,199 advisories