GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,657
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,089 advisories
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to...
Critical | Unreviewed | CVE-2024-40898 was published | Jul 18, 2024
Spoofing attack in swagger-ui
Moderate | CVE-2018-25031 was published for swagger-ui (npm) | Mar 12, 2022
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows...
Moderate | Unreviewed | CVE-2024-38791 was published | Aug 1, 2024
Server-Side Request Forgery in github.com/greenpau/caddy-security
Moderate | CVE-2024-21498 was published for github.com/greenpau/caddy-security (Go) | Feb 17, 2024
SSRF vulnerability using the Aegis DataBinding in Apache CXF
Critical | CVE-2024-28752 was published for org.apache.cxf:cxf-core (Maven) | Mar 15, 2024
Apache CXF: SSRF vulnerability via WADL stylesheet parameter
Moderate | CVE-2024-29736 was published for org.apache.cxf:cxf-rt-rs-service-description (Maven) | Jul 19, 2024
An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and...
Critical | Unreviewed | CVE-2024-25294 was published | Mar 20, 2024
Apache StreamPipes has possibility of SSRF in pipeline element installation process
Moderate | CVE-2024-31979 was published for org.apache.streampipes:streampipes-parent (Maven) | Jul 17, 2024
Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web...
Moderate | Unreviewed | CVE-2024-6922 was published | Jul 26, 2024
memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta
Moderate | CVE-2024-29028 was published for github.com/usememos/memos (Go) | Aug 5, 2024
memos vulnerable to Server-Side Request Forgery and Cross-site Scripting
Moderate | CVE-2024-29029 was published for github.com/usememos/memos (Go) | Aug 5, 2024
NextChat has full-read SSRF and XSS vulnerability in /api/cors endpoint
Critical | CVE-2023-49785 was published for nextchat (npm) | Aug 5, 2024
memos vulnerable to Server-Side Request Forgery in /api/resource
Moderate | CVE-2024-29030 was published for github.com/usememos/memos (Go) | Aug 5, 2024
Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery ...
High | Unreviewed | CVE-2024-22873 was published | Feb 26, 2024
Nuxt Icon affected by a Server-Side Request Forgery (SSRF)
High | CVE-2024-42352 was published for @nuxt/icon (npm) | Aug 5, 2024
Server Side Request Forgery (SSRF) vulnerability in hcengineering Huly Platform v.0.6.202 allows...
Moderate | Unreviewed | CVE-2024-27707 was published | Mar 7, 2024
A Server-Side Request Forgery (SSRF) in pictureproxy.php of ChatGPT commit f9f4bbc allows...
Moderate | Unreviewed | CVE-2024-27564 was published | Mar 5, 2024
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft...
High | Unreviewed | CVE-2024-38206 was published | Aug 7, 2024
Apache ServiceComb Service-Center Server-Side Request Forgery vulnerability
High | CVE-2023-44313 was published for github.com/apache/servicecomb-service-center (Go) | Jan 31, 2024
Directus Blind SSRF On File Import
Moderate | CVE-2024-39699 was published for @directus/api (npm) | Jul 8, 2024
ShopXO Server-Side Request Forgery Vulnerability
Moderate | CVE-2024-6524 was published for shopxo/shopxo (Composer) | Jul 5, 2024
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in...
High | Unreviewed | CVE-2024-6522 was published | Aug 7, 2024
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Moderate | CVE-2024-34111 was published for magento/community-edition (Composer) | Jun 13, 2024
Server Side Request Forgery (SSRF) attack in Fedify
High | CVE-2024-39687 was published for @fedify/fedify (npm) | Jul 5, 2024
A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to...
High | Unreviewed | CVE-2024-41305 was published | Jul 30, 2024