GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,902
Maven: 5,000+
npm: 3,631
NuGet: 638
pip: 3,246
Pub: 10
RubyGems: 863
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
798 advisories

The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was...
High | Unreviewed | CVE-2024-34581 was published Jun 26, 2024

Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing ...
Moderate | Unreviewed | CVE-2024-34580 was published Jun 26, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Moderate | Unreviewed | CVE-2024-29173 was published Jun 26, 2024

In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability...
High | Unreviewed | CVE-2024-5014 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI...
High | Unreviewed | CVE-2024-5015 was published Jun 25, 2024

Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an...
Unknown | Unreviewed | CVE-2023-45195 was published Jun 25, 2024

A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that...
High | Unreviewed | CVE-2024-5746 was published Jun 21, 2024

Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component ...
High | Unreviewed | CVE-2024-37818 was published Jun 20, 2024

The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side...
Moderate | Unreviewed | CVE-2024-4354 was published Jun 7, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application,...
High | Unreviewed | CVE-2024-5328 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload link feature of mintplex...
Critical | Unreviewed | CVE-2024-3149 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez...
High | Unreviewed | CVE-2024-5186 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the stangirard/quivr application,...
High | Unreviewed | CVE-2024-4851 was published Jun 6, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the 'add_webpage' endpoint of the...
High | Unreviewed | CVE-2024-5482 was published Jun 6, 2024

A host whitelist parser issue in the proxy service implemented in the GravityZone Update Server...
High | Unreviewed | CVE-2024-4177 was published Jun 6, 2024

A vulnerability in the web-based management interface of Cisco Finesse could allow an...
High | Unreviewed | CVE-2024-20404 was published Jun 5, 2024

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call...
High | Unreviewed | CVE-2024-5526 was published Jun 5, 2024

LyLme_spage v1.9.5 is vulnerable to Server-Side Request Forgery (SSRF) via the get_head function.
Critical | Unreviewed | CVE-2024-36675 was published Jun 5, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of mintplex-labs...
High | Unreviewed | CVE-2024-4084 was published Jun 5, 2024

Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors...
Moderate | Unreviewed | CVE-2024-4219 was published Jun 4, 2024

Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables. This issue...
Moderate | Unreviewed | CVE-2024-35635 was published Jun 3, 2024

Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion. This issue...
Moderate | Unreviewed | CVE-2024-35633 was published Jun 3, 2024

Server-Side Request Forgery (SSRF) vulnerability in Church Admin. This issue affects Church Admin:...
Moderate | Unreviewed | CVE-2024-35637 was published Jun 3, 2024

Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions...
Moderate | Unreviewed | CVE-2024-30420 was published May 22, 2024

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200....
Moderate | Unreviewed | CVE-2024-3970 was published May 15, 2024

ProTip! Advisories are also available from the GraphQL API.