Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,245
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

798 advisories

Loading
An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to... High Unreviewed
CVE-2024-38183 was published Sep 17, 2024
A server-side request forgery issue has been discovered in GitLab EE affecting all versions... High Unreviewed
CVE-2024-8635 was published Sep 12, 2024
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™... Moderate Unreviewed
CVE-2021-38132 was published Sep 12, 2024
A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows... Moderate Unreviewed
CVE-2024-22217 was published Aug 15, 2024
Loftware Spectrum before 5.1 allows SSRF. High Unreviewed
CVE-2023-37229 was published Sep 10, 2024
Loftware Spectrum (testDeviceConnection) before 5.1 allows SSRF. High Unreviewed
CVE-2023-37230 was published Sep 10, 2024
SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at ... Critical Unreviewed
CVE-2024-44721 was published Sep 9, 2024
A server side request forgery vulnerability allows a low-privileged user to perform local... High Unreviewed
CVE-2024-40718 was published Sep 7, 2024
Server-Side Request Forgery (SSRF), Improper Control of Generation of Code ('Code Injection')... High Unreviewed
CVE-2024-45507 was published Sep 4, 2024
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB... High Unreviewed
CVE-2024-36448 was published Aug 5, 2024
A Server-Side Request Forgery (SSRF) in the getFileFromRepo function of WonderCMS v3.1.3 allows... Moderate Unreviewed
CVE-2024-27563 was published Mar 5, 2024
A Server-Side Request Forgery (SSRF) in weixin.php of ChatGPT-wechat-personal commit a0857f6... Critical Unreviewed
CVE-2024-27565 was published Mar 5, 2024
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated... High Unreviewed
CVE-2024-25187 was published Apr 2, 2024
A Server-Side Request Forgery (SSRF) in the installUpdateThemePluginAction function of WonderCMS... Critical Unreviewed
CVE-2024-27561 was published Mar 5, 2024
An issue was discovered in RWS WorldServer before 11.7.3. An authenticated, remote attacker can... High Unreviewed
CVE-2022-34269 was published Feb 29, 2024
The CRM platform Twenty version 0.3.0 is vulnerable to SSRF via file upload. Moderate Unreviewed
CVE-2024-28435 was published Mar 25, 2024
XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC... Moderate Unreviewed
CVE-2024-22219 was published Aug 15, 2024
Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions... Moderate Unreviewed
CVE-2024-30420 was published May 22, 2024
The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2022-1751 was published Aug 17, 2024
Skype for Business Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2023-41763 was published Oct 10, 2023
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected... Moderate Unreviewed
CVE-2024-7743 was published Aug 13, 2024
A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This... Moderate Unreviewed
CVE-2024-7740 was published Aug 13, 2024
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical.... Moderate Unreviewed
CVE-2024-7742 was published Aug 13, 2024
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in... Critical Unreviewed
CVE-2024-38109 was published Aug 13, 2024
SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints... Moderate Unreviewed
CVE-2024-41737 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API