GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
504 advisories
Server-Side Request Forgery (SSRF) vulnerability in SuitePlugins Video & Photo Gallery for...
Moderate | Unreviewed | CVE-2025-22672 was published Mar 27, 2025

Server-Side Request Forgery (SSRF) vulnerability in XpeedStudio Metform allows Server Side...
Moderate | Unreviewed | CVE-2025-30914 was published Mar 27, 2025

A vulnerability was found in zhangyd-c OneBlog up to 2.3.9. It has been declared as problematic....
Moderate | Unreviewed | CVE-2025-2835 was published Mar 27, 2025

The Zapier for WordPress plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
Moderate | Unreviewed | CVE-2024-13411 was published Mar 26, 2025

The WP Compress – Instant Performance & Speed Optimization plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-2109 was published Mar 25, 2025

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5...
Moderate | Unreviewed | CVE-2024-10207 was published Mar 25, 2025

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL <4.4-00P5...
Moderate | Unreviewed | CVE-2024-10206 was published Mar 25, 2025

The Your Friendly Drag and Drop Page Builder — Make Builder plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-13856 was published Mar 22, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt...
Moderate | Unreviewed | CVE-2025-0188 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in langgenius/dify version 0.10...
Moderate | Unreviewed | CVE-2025-0184 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0....
Moderate | Unreviewed | CVE-2024-12779 was published Mar 20, 2025

langgenius/dify version 0.10.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the...
Moderate | Unreviewed | CVE-2024-12775 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in binary-husky/gpt_academic version...
Moderate | Unreviewed | CVE-2024-12392 was published Mar 20, 2025

In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains...
Moderate | Unreviewed | CVE-2024-12450 was published Mar 20, 2025

langgenius/dify version 0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability. The...
Moderate | Unreviewed | CVE-2024-11822 was published Mar 20, 2025

Multiple Server-Side Request Forgery (SSRF) vulnerabilities were identified in the significant...
Moderate | Unreviewed | CVE-2024-10457 was published Mar 20, 2025

IBM QRadar Advisor 1.0.0 through 2.6.5 is vulnerable to server-side request forgery (SSRF). This...
Moderate | Unreviewed | CVE-2024-49822 was published Mar 18, 2025

Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) a...
Moderate | Unreviewed | CVE-2025-22474 was published Mar 17, 2025

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin...
Moderate | Unreviewed | CVE-2024-13838 was published Mar 12, 2025

A vulnerability, which was classified as problematic, was found in Stoque Zeev.it 4.24. This...
Moderate | Unreviewed | CVE-2025-2192 was published Mar 11, 2025

A vulnerability has been found in Beijing Founder Electronics Founder Enjoys All-Media...
Moderate | Unreviewed | CVE-2025-2116 was published Mar 9, 2025

The Starter Templates by FancyWP plugin for WordPress is vulnerable to Blind Server-Side Request...
Moderate | Unreviewed | CVE-2024-13924 was published Mar 8, 2025

A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If...
Moderate | Unreviewed | CVE-2024-53696 was published Mar 7, 2025

The WPGet API – Connect to any external REST API plugin for WordPress is vulnerable to Server...
Moderate | Unreviewed | CVE-2024-13857 was published Mar 7, 2025

The Platform.ly for WooCommerce plugin for WordPress is vulnerable to Blind Server-Side Request...
Moderate | Unreviewed | CVE-2024-13904 was published Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API.