Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,029
Maven
5,000+
npm
5,000+
NuGet
976
pip
5,000+
Pub
13
RubyGems
1,070
Rust
1,404
Swift
61
Unreviewed advisories
All unreviewed
5,000+

111 advisories

Loading
Authenticated Server Side Request Forgery Low
GHSA-8pfh-mm2g-hmc3 was published for shopware/core (Composer) Dec 21, 2020
Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788) Low
CVE-2020-13788 was published for github.com/goharbor/harbor (Go) Feb 11, 2022
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from... Low Unreviewed
CVE-2016-6001 was published May 17, 2022
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is... Low Unreviewed
CVE-2020-4787 was published May 24, 2022
A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw... Low Unreviewed
CVE-2020-14328 was published May 24, 2022
The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high... Low Unreviewed
CVE-2022-2556 was published Aug 29, 2022
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18... Low Unreviewed
CVE-2022-1722 was published May 17, 2022
In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a... Low Unreviewed
CVE-2021-25939 was published Feb 10, 2022
Artifact Hub allows unsafe rego built-in Low
CVE-2023-45822 was published for github.com/artifacthub/hub (Go) Oct 19, 2023
dejanzelic Credited to dejanzelic
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08. Low Unreviewed
CVE-2023-4624 was published Aug 30, 2023
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as... Low Unreviewed
CVE-2023-3121 was published Jun 6, 2023
google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability Low
CVE-2023-48711 was published for google-translate-api-browser (npm) Nov 27, 2023
PinkDraconian Credited to PinkDraconian
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use... Low Unreviewed
CVE-2023-26438 was published Aug 2, 2023
In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP... Low Unreviewed
CVE-2023-26442 was published Aug 2, 2023
The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Low Unreviewed
CVE-2024-0628 was published Feb 7, 2024
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted... Low Unreviewed
CVE-2024-26476 was published Feb 29, 2024
Trufflehog vulnerable to Blind SSRF in some Detectors Low
CVE-2024-43379 was published for github.com/trufflesecurity/trufflehog/v3 (Go) Aug 19, 2024
abankalarm Credited to abankalarm
Authenticated Blind SSRF in automad/automad Low
CVE-2023-7037 was published for automad/automad (Composer) Dec 21, 2023
marcantondahmen Credited to marcantondahmen
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and... Low Unreviewed
CVE-2024-45843 was published Sep 26, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF. Low Unreviewed
CVE-2024-47190 was published Nov 8, 2024
QOS.CH logback-core Server-Side Request Forgery vulnerability Low
CVE-2024-12801 was published for ch.qos.logback:logback-core (Maven) Dec 19, 2024
HTHou Credited to HTHou and pjfanning pjfanning pjfanning
BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. ... Low Unreviewed
CVE-2024-42182 was published Jan 23, 2025
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &... Low Unreviewed
CVE-2024-13450 was published Jan 25, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to... Low Unreviewed
CVE-2023-6195 was published Jan 31, 2025
SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input... Low Unreviewed
CVE-2024-52606 was published Feb 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database