GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
279 advisories
A vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown...
High | Unreviewed | CVE-2023-1046 was published Feb 26, 2023

Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11...
High | Unreviewed | CVE-2022-48321 was published Feb 20, 2023

maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF).
High | Unreviewed | CVE-2022-47872 was published Feb 2, 2023

ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The...
High | Unreviewed | CVE-2021-43449 was published Jan 23, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint...
High | Unreviewed | CVE-2022-45926 was published Jan 18, 2023

RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2022-3841 was published Jan 13, 2023

A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers...
High | Unreviewed | CVE-2022-25026 was published Jan 13, 2023

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38212 was published Dec 29, 2022

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38203 was published Dec 29, 2022

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38211 was published Dec 29, 2022

Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An...
High | Unreviewed | CVE-2022-45429 was published Dec 27, 2022

An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access...
High | Unreviewed | CVE-2022-41412 was published Nov 30, 2022

Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1...
High | Unreviewed | CVE-2022-41609 was published Nov 19, 2022

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High | Unreviewed | CVE-2022-43140 was published Nov 17, 2022

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An...
High | Unreviewed | CVE-2022-42894 was published Nov 17, 2022

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application...
High | Unreviewed | CVE-2022-20958 was published Nov 4, 2022

The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up...
High | Unreviewed | CVE-2022-3708 was published Oct 29, 2022

A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could...
High | Unreviewed | CVE-2022-36451 was published Oct 25, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability.
High | Unreviewed | CVE-2022-41040 was published Oct 4, 2022

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation...
High | Unreviewed | CVE-2022-2352 was published Sep 27, 2022

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4...
High | Unreviewed | CVE-2022-38931 was published Sep 21, 2022

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS...
High | Unreviewed | CVE-2022-30579 was published Sep 21, 2022

Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side...
High | Unreviewed | CVE-2022-38298 was published Sep 13, 2022

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and...
High | Unreviewed | CVE-2022-2633 was published Sep 7, 2022

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite ...
High | Unreviewed | CVE-2022-37041 was published Aug 13, 2022