Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,297
Maven
5,000+
npm
3,942
NuGet
708
pip
3,711
Pub
12
RubyGems
920
Rust
959
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

504 advisories

Loading
A Server-Side Request Forgery (SSRF) in the component sort.php of Emlog Pro v2.5.4 allows... Moderate Unreviewed
CVE-2025-25827 was published Mar 6, 2025
A vulnerability classified as critical was found in zj1983 zz up to 2024-8. Affected by this... Moderate Unreviewed
CVE-2025-1849 was published Mar 3, 2025
A vulnerability classified as critical has been found in zj1983 zz up to 2024-8. Affected is an... Moderate Unreviewed
CVE-2025-1848 was published Mar 3, 2025
A vulnerability, which was classified as critical, has been found in zj1983 zz up to 2024-8.... Moderate Unreviewed
CVE-2025-1833 was published Mar 3, 2025
A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects... Moderate Unreviewed
CVE-2025-1799 was published Mar 1, 2025
The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss... Moderate Unreviewed
CVE-2024-13697 was published Mar 1, 2025
The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed
CVE-2025-1662 was published Feb 28, 2025
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... Moderate Unreviewed
CVE-2024-13907 was published Feb 27, 2025
The OneStore Sites plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed
CVE-2024-13905 was published Feb 27, 2025
The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to... Moderate Unreviewed
CVE-2024-13695 was published Feb 25, 2025
A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-1548 was published Feb 21, 2025
The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is... Moderate Unreviewed
CVE-2025-1043 was published Feb 20, 2025
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-1447 was published Feb 19, 2025
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13741 was published Feb 18, 2025
The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up... Moderate Unreviewed
CVE-2024-13879 was published Feb 17, 2025
The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive... Moderate Unreviewed
CVE-2024-13834 was published Feb 15, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56471 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56470 was published Feb 6, 2025
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x... Moderate Unreviewed
CVE-2025-25065 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Traveler Layout Essential For... Moderate Unreviewed
CVE-2025-22701 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Modules. This issue affects... Moderate Unreviewed
CVE-2024-44055 was published Jan 31, 2025
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-10705 was published Jan 26, 2025
Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Comment Edit Core – Simple... Moderate Unreviewed
CVE-2025-24703 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server... Moderate Unreviewed
CVE-2025-24695 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side... Moderate Unreviewed
CVE-2025-24701 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database