GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
389 advisories
Filter by severity
SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials
High
CVE-2023-41937
was published
for
io.jenkins.plugins:bitbucket-push-and-pull-request
(Maven)
Sep 6, 2023
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows...
High
Unreviewed
CVE-2023-36088
was published
Sep 1, 2023
Apache Airflow denial of service vulnerability
High
CVE-2023-37379
was published
for
apache-airflow
(pip)
Aug 23, 2023
Apache XML Graphics Batik Server-Side Request Forgery vulnerability
High
CVE-2022-44729
was published
for
org.apache.xmlgraphics:batik-bridge
(Maven)
Aug 22, 2023
Flarum vulnerable to LFI and Blind SSRF via Avatar upload
High
CVE-2023-40033
was published
for
flarum/core
(Composer)
Aug 16, 2023
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin...
High
Unreviewed
CVE-2023-1977
was published
Aug 16, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b...
High
Unreviewed
CVE-2023-39108
was published
Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path...
High
Unreviewed
CVE-2023-39110
was published
Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a...
High
Unreviewed
CVE-2023-39109
was published
Aug 1, 2023
Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows...
High
Unreviewed
CVE-2021-35391
was published
Jul 21, 2023
InfoDoc Document On-line Submission and Approval System lacks sufficient restrictions on the...
High
Unreviewed
CVE-2023-37290
was published
Jul 20, 2023
SAP Solution Manager (Diagnostics agent) - version 7.20, allows an unauthenticated attacker to...
High
Unreviewed
CVE-2023-36925
was published
Jul 11, 2023
PlantUML Server-Side Request Forgery vulnerability
High
CVE-2023-3432
was published
for
net.sourceforge.plantuml:plantuml
(Maven)
Jun 27, 2023
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows...
High
Unreviewed
CVE-2023-36661
was published
Jun 26, 2023
Moodle vulnerable to Server Side Request Forgery
High
CVE-2023-35133
was published
for
moodle/moodle
(Composer)
Jun 22, 2023
CData RSB Connect v22.0.8336 was discovered to contain a Server-Side Request Forgery (SSRF).
High
Unreviewed
CVE-2023-24243
was published
Jun 16, 2023
Server-Side Request Forgery (SSRF) in GitHub repository owncast/owncast prior to 0.1.0.
High
Unreviewed
CVE-2023-3188
was published
Jun 10, 2023
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to...
High
Unreviewed
CVE-2023-23955
was published
Jun 1, 2023
davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF).
High
Unreviewed
CVE-2023-31848
was published
May 17, 2023
Access control issues in blackbox_exporter
High
CVE-2023-26735
was published
for
github.com/prometheus/blackbox_exporter
(Go)
Apr 26, 2023
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022
...
High
Unreviewed
CVE-2023-2140
was published
Apr 21, 2023
SvelteKit framework has Insufficient CSRF protection for CORS requests
High
CVE-2023-29008
was published
for
@sveltejs/kit
(npm)
Apr 7, 2023
Appwrite Server-Side Request Forgery vulnerability
High
CVE-2023-27159
was published
for
appwrite/server-ce
(Composer)
Mar 31, 2023
forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High
Unreviewed
CVE-2023-27160
was published
Mar 31, 2023
Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows...
High
Unreviewed
CVE-2023-1725
was published
Mar 30, 2023
ProTip!
Advisories are also available from the
GraphQL API