Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

340 advisories

Loading
A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows... High Unreviewed
CVE-2025-25760 was published Feb 27, 2025
The web server receives a URL or similar request from an upstream component and retrieves the... High Unreviewed
CVE-2024-37359 was published Feb 20, 2025
Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0... High Unreviewed
CVE-2025-20075 was published Feb 18, 2025
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows... High Unreviewed
CVE-2025-26494 was published Feb 11, 2025
Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An... High Unreviewed
CVE-2025-22399 was published Feb 11, 2025
A vulnerability has been identified in Opcenter Intelligence (All versions < V2501). Server-side... High Unreviewed
CVE-2025-26491 was published Feb 11, 2025
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker... High Unreviewed
CVE-2025-21177 was published Feb 7, 2025
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-57767 was published Jan 15, 2025
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed
CVE-2025-0474 was published Jan 14, 2025
Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed
CVE-2025-23082 was published Jan 14, 2025
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can... High Unreviewed
CVE-2024-42168 was published Jan 11, 2025
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed
CVE-2025-21385 was published Jan 10, 2025
A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed
CVE-2024-53705 was published Jan 9, 2025
A Server-Side Request Forgery (SSRF) in smarts-srl.com Smart Agent v.1.1.0 allows a remote... High Unreviewed
CVE-2024-50714 was published Dec 28, 2024
Server-Side Request Forgery in URL Mapper in Arctic Security's Arctic Hub versions 3.0.1764-5.6... High Unreviewed
CVE-2024-12867 was published Dec 20, 2024
A Server-Side Request Forgery (SSRF) in the endpoint http://{your-server}/url-to-pdf of Stirling... High Unreviewed
CVE-2024-55082 was published Dec 19, 2024
In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be... High Unreviewed
CVE-2024-55086 was published Dec 18, 2024
The WP All Import Pro plugin for WordPress is vulnerable to Server-Side Request Forgery in all... High Unreviewed
CVE-2024-9624 was published Dec 17, 2024
Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side... High Unreviewed
CVE-2024-54385 was published Dec 16, 2024
Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server... High Unreviewed
CVE-2024-54330 was published Dec 13, 2024
Server-Side Request Forgery (SSRF) vulnerability in PlexTrac allowing requests to internal system... High Unreviewed
CVE-2024-11836 was published Dec 13, 2024
SAP NetWeaver Administrator(System Overview) allows an authenticated attacker to enumerate... High Unreviewed
CVE-2024-54197 was published Dec 10, 2024
Server-Side Request Forgery vulnerabilities were found providing a potential for access to... High Unreviewed
CVE-2024-6784 was published Dec 5, 2024
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2024-9710 was published Nov 22, 2024
A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting... High Unreviewed
CVE-2021-3742 was published Nov 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database