Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

423 advisories

Loading
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to... High Unreviewed
CVE-2023-23955 was published Jun 1, 2023
davinci 0.3.0-rc is vulnerable to Server-side request forgery (SSRF). High Unreviewed
CVE-2023-31848 was published May 17, 2023
Access control issues in blackbox_exporter High
CVE-2023-26735 was published for github.com/prometheus/blackbox_exporter (Go) Apr 26, 2023
A Server-Side Request Forgery vulnerability in DELMIA Apriso Release 2017 through Release 2022 ... High Unreviewed
CVE-2023-2140 was published Apr 21, 2023
SvelteKit framework has Insufficient CSRF protection for CORS requests High
CVE-2023-29008 was published for @sveltejs/kit (npm) Apr 7, 2023
Ry0taK benmccann
dominikg Conduitry
Appwrite Server-Side Request Forgery vulnerability High
CVE-2023-27159 was published for appwrite/server-ce (Composer) Mar 31, 2023
forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2023-27160 was published Mar 31, 2023
Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows... High Unreviewed
CVE-2023-1725 was published Mar 30, 2023
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache Fineract.... High Unreviewed
CVE-2023-25195 was published Mar 28, 2023
Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery ... High Unreviewed
CVE-2023-25262 was published Mar 28, 2023
CairoSVG improperly processes SVG files loaded from external resources High
CVE-2023-27586 was published for CairoSVG (pip) Mar 20, 2023
Cyxow
In SAP BusinessObjects Business Intelligence Platform (Web Services) - versions 420, 430, an... High Unreviewed
CVE-2023-27271 was published Mar 14, 2023
Due to improper input controls In SAP NetWeaver AS for ABAP and ABAP Platform - versions 700, 701... High Unreviewed
CVE-2023-26459 was published Mar 14, 2023
In SAP BusinessObjects Business Intelligence Platform - version 420, 430, an attacker can control... High Unreviewed
CVE-2023-27896 was published Mar 14, 2023
Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the... High Unreviewed
CVE-2023-27161 was published Mar 10, 2023
Moodle vulnerable to Server-Side Request Forgery High
CVE-2021-36396 was published for moodle/moodle (Composer) Mar 6, 2023
A vulnerability classified as critical has been found in MuYuCMS 2.2. This affects an unknown... High Unreviewed
CVE-2023-1046 was published Feb 26, 2023
Limited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11... High Unreviewed
CVE-2022-48321 was published Feb 20, 2023
Server-Side Request Forgery in Plone CMS High
CVE-2021-33926 was published for Plone (pip) Feb 17, 2023
maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF). High Unreviewed
CVE-2022-47872 was published Feb 2, 2023
Paranoidhttp Server-Side Request Forgery vulnerability High
CVE-2023-24623 was published for github.com/hakobe/paranoidhttp (Go) Jan 30, 2023
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The... High Unreviewed
CVE-2021-43449 was published Jan 23, 2023
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint... High Unreviewed
CVE-2022-45926 was published Jan 18, 2023
RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2022-3841 was published Jan 13, 2023
A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers... High Unreviewed
CVE-2022-25026 was published Jan 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database