GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,590
Composer 4,706
Erlang 34
GitHub Actions 28
Go 2,292
Maven 5,573
npm 3,942
NuGet 708
pip 3,711
Pub 12
RubyGems 919
Rust 959
Swift 38

Unreviewed advisories

All unreviewed 256,496

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

504 advisories

Filter by severity

Sort by

Least recently updated

The Ninja Forms Webhooks plugin for WordPress is vulnerable to Server-Side Request Forgery in all... Moderate Unreviewed

CVE-2024-13940 was published May 14, 2025

Server-Side Request Forgery (SSRF) vulnerability in ThimPress WP Pipes allows Server Side Request... Moderate Unreviewed

CVE-2025-47664 was published May 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem WebinarPress allows Server... Moderate Unreviewed

CVE-2025-47635 was published May 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in Varun Dubey Wbcom Designs - Activity Link... Moderate Unreviewed

CVE-2025-47548 was published May 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in Oliver Campion Display Remote Posts Block... Moderate Unreviewed

CVE-2025-47484 was published May 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in Iulia Cazan Easy Replace Image allows Server... Moderate Unreviewed

CVE-2025-47483 was published May 7, 2025

Server-Side Request Forgery (SSRF) vulnerability in solacewp Solace Extra allows Server Side... Moderate Unreviewed

CVE-2025-47464 was published May 7, 2025

MrDoc v0.95 and before is vulnerable to Server-Side Request Forgery (SSRF) in the validate_url... Moderate Unreviewed

CVE-2025-45250 was published May 6, 2025

IBM Concert Software 1.0.0 through 1.0.5 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2024-55910 was published May 2, 2025

The Gravity Forms WebHooks plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed

CVE-2024-13845 was published May 1, 2025

DevExpress before 23.1.3 allows AsyncDownloader SSRF. Moderate Unreviewed

CVE-2023-35817 was published Apr 28, 2025

A vulnerability was found in playeduxyz PlayEdu 开源培训系统 up to 1.8 and classified as problematic.... Moderate Unreviewed

CVE-2025-4012 was published Apr 28, 2025

A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0.... Moderate Unreviewed

CVE-2025-3954 was published Apr 27, 2025

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution ... Moderate Unreviewed

CVE-2025-3775 was published Apr 25, 2025

Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper ... Moderate Unreviewed

CVE-2025-46531 was published Apr 24, 2025

Server-Side Request Forgery (SSRF) vulnerability in josheli Simple Google Photos Grid allows... Moderate Unreviewed

CVE-2025-46503 was published Apr 24, 2025

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode allows... Moderate Unreviewed

CVE-2025-46511 was published Apr 24, 2025

Server-Side Request Forgery (SSRF) vulnerability in Adam Pery Animate allows Server Side Request... Moderate Unreviewed

CVE-2025-46443 was published Apr 24, 2025

IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed

CVE-2025-27907 was published Apr 22, 2025

A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is... Moderate Unreviewed

CVE-2025-3787 was published Apr 18, 2025

An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed

CVE-2025-29453 was published Apr 18, 2025

An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed

CVE-2025-29456 was published Apr 18, 2025

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed

CVE-2025-29450 was published Apr 17, 2025

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed

CVE-2025-29449 was published Apr 17, 2025

An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed

CVE-2025-29455 was published Apr 17, 2025

Previous 1 2 3 4 5 … 20 21 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

504 advisories