GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
389 advisories
Filter by severity
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream...
High
Unreviewed
CVE-2024-5736
was published
Jul 3, 2024
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious...
High
Unreviewed
CVE-2024-38472
was published
Jul 1, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of...
High
Unreviewed
CVE-2024-5822
was published
Jun 27, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The...
High
Unreviewed
CVE-2024-5885
was published
Jun 27, 2024
The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was...
High
Unreviewed
CVE-2024-34581
was published
Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability...
High
Unreviewed
CVE-2024-5014
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI...
High
Unreviewed
CVE-2024-5015
was published
Jun 25, 2024
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that...
High
Unreviewed
CVE-2024-5746
was published
Jun 21, 2024
Strapi Server-Side Request Forgery (SSRF)
High
CVE-2024-37818
was published
for
@strapi/strapi
(npm)
Jun 20, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,...
High
Unreviewed
CVE-2024-5328
was published
Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,...
High
Unreviewed
CVE-2024-4851
was published
Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez...
High
Unreviewed
CVE-2024-5186
was published
Jun 6, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the...
High
Unreviewed
CVE-2024-5482
was published
Jun 6, 2024
A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server...
High
Unreviewed
CVE-2024-4177
was published
Jun 6, 2024
A vulnerability in the web-based management interface of Cisco Finesse could allow an...
High
Unreviewed
CVE-2024-20404
was published
Jun 5, 2024
Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call...
High
Unreviewed
CVE-2024-5526
was published
Jun 5, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs...
High
Unreviewed
CVE-2024-4084
was published
Jun 5, 2024
ip SSRF improper categorization in isPublic
High
CVE-2024-29415
was published
for
ip
(npm)
Jun 2, 2024
Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-4642
was published
for
wandb
(pip)
May 16, 2024
•
withdrawn
Next.js Server-Side Request Forgery in Server Actions
High
CVE-2024-34351
was published
for
next
(npm)
May 9, 2024
WildFly Elytron: SSRF security issue
High
CVE-2024-1233
was published
for
org.wildfly.security:wildfly-elytron-realm-token
(Maven)
Apr 9, 2024
Server-Side Request Forgery (SSRF) vulnerability in RapidLoad RapidLoad Power-Up for Autoptimize...
High
Unreviewed
CVE-2024-31288
was published
Apr 7, 2024
An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information...
High
Unreviewed
CVE-2024-27620
was published
Apr 6, 2024
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated...
High
Unreviewed
CVE-2024-25187
was published
Apr 2, 2024
ProTip!
Advisories are also available from the
GraphQL API