GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,018
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,150
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,044 advisories
Filter by severity
The Modern Events Calendar plugin for WordPress is vulnerable to Server-Side Request Forgery in...
High
Unreviewed
CVE-2024-6522
was published
Aug 7, 2024
An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft...
High
Unreviewed
CVE-2024-38206
was published
Aug 7, 2024
memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta
Moderate
CVE-2024-29028
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
memos vulnerable to Server-Side Request Forgery and Cross-site Scripting
Moderate
CVE-2024-29029
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
memos vulnerable to Server-Side Request Forgery in /api/resource
Moderate
CVE-2024-29030
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
NextChat has full-read SSRF and XSS vulnerability in /api/cors endpoint
Critical
CVE-2023-49785
was published
for
nextchat
(npm)
Aug 5, 2024
Nuxt Icon affected by a Server-Side Request Forgery (SSRF)
High
CVE-2024-42352
was published
for
@nuxt/icon
(npm)
Aug 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB...
Unknown
Unreviewed
CVE-2024-36448
was published
Aug 5, 2024
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-39713
was published
for
rocket.chat
(npm)
Aug 5, 2024
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows...
Moderate
Unreviewed
CVE-2024-38791
was published
Aug 1, 2024
The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in...
Moderate
Unreviewed
CVE-2024-2090
was published
Aug 1, 2024
A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this...
Moderate
Unreviewed
CVE-2024-7330
was published
Aug 1, 2024
Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web...
Moderate
Unreviewed
CVE-2024-6922
was published
Jul 26, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor.This...
Moderate
Unreviewed
CVE-2024-38730
was published
Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Seraphinite Solutions Seraphinite Post .DOCX...
High
Unreviewed
CVE-2024-38728
was published
Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Berqier Ltd BerqWP.This issue affects BerqWP:...
High
Unreviewed
CVE-2024-37942
was published
Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON Content Importer.This issue...
Moderate
Unreviewed
CVE-2024-38723
was published
Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress.This issue affects...
Moderate
Unreviewed
CVE-2024-38758
was published
Jul 20, 2024
Apache CXF: SSRF vulnerability via WADL stylesheet parameter
Moderate
CVE-2024-29736
was published
for
org.apache.cxf:cxf-rt-rs-service-description
(Maven)
Jul 19, 2024
SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to...
Critical
Unreviewed
CVE-2024-40898
was published
Jul 18, 2024
Apache StreamPipes has possibility of SSRF in pipeline element installation process
Moderate
CVE-2024-31979
was published
for
org.apache.streampipes:streampipes-parent
(Maven)
Jul 17, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2024-39739
was published
Jul 15, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High
Unreviewed
CVE-2024-40544
was published
Jul 12, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High
Unreviewed
CVE-2024-40543
was published
Jul 12, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-32987
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API