Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,297
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

504 advisories

Loading
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29454 was published Apr 17, 2025
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache... Moderate Unreviewed
CVE-2024-56736 was published Apr 16, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port... Moderate Unreviewed
CVE-2025-32102 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server... Moderate Unreviewed
CVE-2025-26990 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in EPC Photography. This issue affects... Moderate Unreviewed
CVE-2025-30964 was published Apr 15, 2025
Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed
CVE-2025-29720 was published Apr 14, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web... Moderate Unreviewed
CVE-2025-22374 was published Apr 10, 2025
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending... Moderate Unreviewed
CVE-2025-0539 was published Apr 10, 2025
Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows... Moderate Unreviewed
CVE-2025-32691 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in QuantumCloud SEO Help allows Server Side... Moderate Unreviewed
CVE-2025-32675 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request... Moderate Unreviewed
CVE-2025-32487 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Jan Boddez IndieBlocks allows Server Side... Moderate Unreviewed
CVE-2025-31009 was published Apr 9, 2025
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308.... Moderate Unreviewed
CVE-2025-3411 was published Apr 8, 2025
A vulnerability, which was classified as critical, was found in mymagicpower AIAS 20250308.... Moderate Unreviewed
CVE-2025-3412 was published Apr 8, 2025
In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in... Moderate Unreviewed
CVE-2025-32358 was published Apr 5, 2025
A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-3254 was published Apr 4, 2025
A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update... Moderate Unreviewed
CVE-2025-2245 was published Apr 4, 2025
A server-side request forgery (SSRF) vulnerability in Bitdefender GravityZone Console allows an... Moderate Unreviewed
CVE-2025-2243 was published Apr 4, 2025
Server-Side Request Forgery (SSRF) vulnerability in Wombat Plugins WP Optin Wheel allows Server... Moderate Unreviewed
CVE-2025-31824 was published Apr 1, 2025
Server-Side Request Forgery (SSRF) vulnerability in TheInnovs Team ElementsCSS Addons for... Moderate Unreviewed
CVE-2025-31796 was published Apr 1, 2025
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical.... Moderate Unreviewed
CVE-2025-2997 was published Mar 31, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kishan WP Link Preview allows Server Side... Moderate Unreviewed
CVE-2025-31527 was published Mar 31, 2025
OneNav 1.1.0 is vulnerable to Server-Side Request Forgery (SSRF) in custom headers. Moderate Unreviewed
CVE-2025-28096 was published Mar 29, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Compress WP Compress for MainWP allows... Moderate Unreviewed
CVE-2025-31076 was published Mar 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database