GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
478 advisories
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™...
Moderate
Unreviewed
CVE-2021-38132 was published Sep 12, 2024
req may send an unintended request when a malformed URL is provided
Moderate
CVE-2024-45258 was published for github.com/imroc/req (Go) Aug 26, 2024
Potential access to sensitive URLs via CKAN extensions (SSRF)
Moderate
CVE-2024-43371 was published for ckan (pip) Aug 21, 2024
XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC...
Moderate
Unreviewed
CVE-2024-22219 was published Aug 15, 2024
A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows...
Moderate
Unreviewed
CVE-2024-22217 was published Aug 15, 2024
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-7742 was published Aug 13, 2024
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected...
Moderate
Unreviewed
CVE-2024-7743 was published Aug 13, 2024
A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This...
Moderate
Unreviewed
CVE-2024-7740 was published Aug 13, 2024
SAP CRM ABAP (Insights Management) allows an authenticated attacker to enumerate HTTP endpoints...
Moderate
Unreviewed
CVE-2024-41737 was published Aug 13, 2024
memos vulnerable to Server-Side Request Forgery in /api/resource
Moderate
CVE-2024-29030 was published for github.com/usememos/memos (Go) Aug 5, 2024
memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta
Moderate
CVE-2024-29028 was published for github.com/usememos/memos (Go) Aug 5, 2024
memos vulnerable to Server-Side Request Forgery and Cross-site Scripting
Moderate
CVE-2024-29029 was published for github.com/usememos/memos (Go) Aug 5, 2024
Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin. This issue affects...
Moderate
Unreviewed
CVE-2024-39637 was published Aug 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot allows...
Moderate
Unreviewed
CVE-2024-38791 was published Aug 1, 2024
The Remote Content Shortcode plugin for WordPress is vulnerable to Server-Side Request Forgery in...
Moderate
Unreviewed
CVE-2024-2090 was published Aug 1, 2024
A vulnerability has been found in YouDianCMS 7 and classified as critical. Affected by this...
Moderate
Unreviewed
CVE-2024-7330 was published Aug 1, 2024
Automation Anywhere Automation 360 v21-v32 is vulnerable to Server-Side Request Forgery in a web...
Moderate
Unreviewed
CVE-2024-6922 was published Jul 26, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor. This...
Moderate
Unreviewed
CVE-2024-38730 was published Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in Bernhard Kux JSON Content Importer. This issue...
Moderate
Unreviewed
CVE-2024-38723 was published Jul 22, 2024
Server-Side Request Forgery (SSRF) vulnerability in WappPress Team WappPress. This issue affects...
Moderate
Unreviewed
CVE-2024-38758 was published Jul 20, 2024
The server responded with an HTTP status of 500, indicating a server-side error that may cause...
Moderate
Unreviewed
CVE-2024-30125 was published Jul 18, 2024
Apache StreamPipes has possibility of SSRF in pipeline element installation process
Moderate
CVE-2024-31979 was published for org.apache.streampipes:streampipes-parent (Maven) Jul 17, 2024
There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3,...
Moderate
Unreviewed
CVE-2023-31456 was published Jul 16, 2024
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related...
Moderate
Unreviewed
CVE-2024-36458 was published Jul 15, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request...
Moderate
Unreviewed
CVE-2024-39739 was published Jul 15, 2024
ProTip! Advisories are also available from the GraphQL API.