GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,579
Composer 4,699
Erlang 34
GitHub Actions 28
Go 2,292
Maven 5,573
npm 3,941
NuGet 708
pip 3,708
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,364

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

337 advisories

Filter by severity

Sort by

Least recently updated

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance... High Unreviewed

CVE-2025-40595 was published May 14, 2025

Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API. High Unreviewed

CVE-2024-48907 was published May 2, 2025

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance... High Unreviewed

CVE-2025-2170 was published Apr 30, 2025

PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability.... High Unreviewed

CVE-2025-1521 was published Apr 23, 2025

PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed

CVE-2025-1522 was published Apr 23, 2025

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a... High Unreviewed

CVE-2025-29457 was published Apr 18, 2025

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add... High Unreviewed

CVE-2025-29460 was published Apr 18, 2025

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail... High Unreviewed

CVE-2025-29459 was published Apr 18, 2025

An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the ... High Unreviewed

CVE-2025-29461 was published Apr 18, 2025

An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change... High Unreviewed

CVE-2025-29458 was published Apr 18, 2025

An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed

CVE-2025-29451 was published Apr 17, 2025

An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed

CVE-2025-29452 was published Apr 17, 2025

SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated... High Unreviewed

CVE-2025-3572 was published Apr 14, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed

CVE-2025-1912 was published Mar 26, 2025

The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side... High Unreviewed

CVE-2025-1970 was published Mar 22, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side... High Unreviewed

CVE-2024-13923 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of... High Unreviewed

CVE-2025-0454 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna... High Unreviewed

CVE-2024-8099 was published Mar 20, 2025

comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2024-12882 was published Mar 20, 2025

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2024-12766 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting... High Unreviewed

CVE-2024-12068 was published Mar 20, 2025

A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request... High Unreviewed

CVE-2024-11449 was published Mar 20, 2025

GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed

CVE-2024-11030 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows... High Unreviewed

CVE-2025-25760 was published Feb 27, 2025

The web server receives a URL or similar request from an upstream component and retrieves the... High Unreviewed

CVE-2024-37359 was published Feb 20, 2025

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

337 advisories