Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,978
Maven
5,000+
npm
3,698
NuGet
656
pip
3,315
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,112 advisories

Loading
Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin.This issue affects... Moderate Unreviewed
CVE-2024-39637 was published Aug 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows... Moderate Unreviewed
CVE-2024-51665 was published Nov 4, 2024
Qualitor v8.24 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ... High Unreviewed
CVE-2024-48360 was published Oct 31, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data... Moderate Unreviewed
CVE-2024-48346 was published Oct 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier... Moderate Unreviewed
CVE-2024-51242 was published Oct 30, 2024
newbee-mall v1.0.0 is vulnerable to Server-Side Request Forgery (SSRF) via the goodsCoverImg... High Unreviewed
CVE-2024-48178 was published Oct 28, 2024
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool... Moderate Unreviewed
CVE-2024-48232 was published Oct 25, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows... Moderate Unreviewed
CVE-2024-48107 was published Oct 28, 2024
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute... Moderate Unreviewed
CVE-2024-48450 was published Oct 25, 2024
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php... Moderate Unreviewed
CVE-2024-48234 was published Oct 26, 2024
Butterfly has path/URL confusion in resource handling leading to multiple weaknesses Critical
CVE-2024-47883 was published for org.openrefine.dependencies:butterfly (Maven) Oct 24, 2024
Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job... Critical Unreviewed
CVE-2023-48022 was published Nov 28, 2023
Recurly vulnerable to SSRF Critical
CVE-2017-0906 was published for recurly (pip) Jan 4, 2019
Server-side Request Forgery (SSRF) via img tags in reportlab High
CVE-2020-28463 was published for reportlab (pip) Mar 29, 2021
An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-32407 was published Apr 22, 2024
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9,... High Unreviewed
CVE-2024-45518 was published Oct 22, 2024
Server-Side Request Forgery in Plone Moderate
CVE-2021-33510 was published for Plone (pip) Jun 15, 2021
Server-Side Request Forgery in Plone High
CVE-2021-33511 was published for Plone (pip) Jun 15, 2021
Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects... Moderate Unreviewed
CVE-2024-49312 was published Oct 17, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled Moderate
CVE-2024-45291 was published for phpoffice/phpspreadsheet (Composer) Oct 7, 2024
emilvirkki
An authenticated administrator is able to prepare an alert that is able to execute an SSRF attack... Moderate Unreviewed
CVE-2021-42079 was published Jul 10, 2023
The Mapplic and Mapplic Lite plugins for WordPress are vulnerable to Server-Side Request Forgery... High Unreviewed
CVE-2012-10018 was published Oct 16, 2024
Microcks contains a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download Critical
CVE-2023-48910 was published for io.github.microcks:microcks (Maven) Dec 4, 2023
A Server-Side Request Forgery (SSRF) vulnerability exists in the jpress <= v5.1.1, which can be... High Unreviewed
CVE-2024-46468 was published Oct 11, 2024
SSRF attacks via tracebacks in Plone High
CVE-2020-28735 was published for Plone (pip) Apr 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database