Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

340 advisories

Loading
maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings. High Unreviewed
CVE-2025-45474 was published May 29, 2025
SSRF Server Side Request Forgery vulnerabilities exist in ASPECT if administrator credentials... High Unreviewed
CVE-2024-13957 was published May 22, 2025
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance... High Unreviewed
CVE-2025-40595 was published May 14, 2025
Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API. High Unreviewed
CVE-2024-48907 was published May 2, 2025
A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance... High Unreviewed
CVE-2025-2170 was published Apr 30, 2025
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This... High Unreviewed
CVE-2025-1522 was published Apr 23, 2025
PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability.... High Unreviewed
CVE-2025-1521 was published Apr 23, 2025
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the ... High Unreviewed
CVE-2025-29461 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail... High Unreviewed
CVE-2025-29459 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a... High Unreviewed
CVE-2025-29457 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change... High Unreviewed
CVE-2025-29458 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add... High Unreviewed
CVE-2025-29460 was published Apr 18, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29452 was published Apr 17, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29451 was published Apr 17, 2025
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-3572 was published Apr 14, 2025
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... High Unreviewed
CVE-2025-1912 was published Mar 26, 2025
The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side... High Unreviewed
CVE-2025-1970 was published Mar 22, 2025
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side... High Unreviewed
CVE-2024-13923 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of... High Unreviewed
CVE-2025-0454 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna... High Unreviewed
CVE-2024-8099 was published Mar 20, 2025
comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-12882 was published Mar 20, 2025
parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2024-12766 was published Mar 20, 2025
A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request... High Unreviewed
CVE-2024-11449 was published Mar 20, 2025
A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting... High Unreviewed
CVE-2024-12068 was published Mar 20, 2025
GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11030 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database