Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,080 advisories

Loading
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2024-40543 was published Jul 12, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability High Unreviewed
CVE-2024-32987 was published Jul 9, 2024
WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate... Moderate Unreviewed
CVE-2024-34689 was published Jul 9, 2024
SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative... Moderate Unreviewed
CVE-2024-37171 was published Jul 9, 2024
SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP... Moderate Unreviewed
CVE-2024-39598 was published Jul 9, 2024
Directus Blind SSRF On File Import Moderate
CVE-2024-39699 was published for @directus/api (npm) Jul 8, 2024
dmitrii-zalmanov
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20... Moderate Unreviewed
CVE-2024-31897 was published Jul 8, 2024
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server... Moderate Unreviewed
CVE-2024-6095 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects... Moderate Unreviewed
CVE-2024-37208 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz.This issue affects Foxiz:... High Unreviewed
CVE-2024-37260 was published Jul 6, 2024
Server Side Request Forgery (SSRF) attack in Fedify High
CVE-2024-39687 was published for @fedify/fedify (npm) Jul 5, 2024
ThisIsMissEm
Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via... Critical Unreviewed
CVE-2024-29319 was published Jul 5, 2024
ShopXO Server-Side Request Forgery Vulnerability Moderate
CVE-2024-6524 was published for shopxo/shopxo (Composer) Jul 5, 2024
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream... High Unreviewed
CVE-2024-5736 was published Jul 3, 2024
SSRF in Apache HTTP Server on Windows allows to potentially leak NTML hashes to a malicious... High Unreviewed
CVE-2024-38472 was published Jul 1, 2024
External server-side request vulnerability in MESbook 20221021.03 version, which could allow a... Critical Unreviewed
CVE-2024-6424 was published Jul 1, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed
CVE-2023-50952 was published Jun 30, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The... High Unreviewed
CVE-2024-5885 was published Jun 27, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of... High Unreviewed
CVE-2024-5822 was published Jun 27, 2024
Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter... Moderate Unreviewed
CVE-2024-37098 was published Jun 26, 2024
The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was... High Unreviewed
CVE-2024-34581 was published Jun 26, 2024
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing ... Moderate Unreviewed
CVE-2024-34580 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Moderate Unreviewed
CVE-2024-29173 was published Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability... High Unreviewed
CVE-2024-5014 was published Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI... High Unreviewed
CVE-2024-5015 was published Jun 25, 2024
ProTip! Advisories are also available from the GraphQL API