Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

478 advisories

Loading
SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative... Moderate Unreviewed
CVE-2024-37171 was published Jul 9, 2024
WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate... Moderate Unreviewed
CVE-2024-34689 was published Jul 9, 2024
SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP... Moderate Unreviewed
CVE-2024-39598 was published Jul 9, 2024
Directus Blind SSRF On File Import Moderate
CVE-2024-39699 was published for @directus/api (npm) Jul 8, 2024
dmitrii-zalmanov
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20... Moderate Unreviewed
CVE-2024-31897 was published Jul 8, 2024
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server... Moderate Unreviewed
CVE-2024-6095 was published Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects... Moderate Unreviewed
CVE-2024-37208 was published Jul 6, 2024
Server Side Request Forgery (SSRF) attack in Fedify Moderate
CVE-2024-39687 was published for @fedify/fedify (npm) Jul 5, 2024
ThisIsMissEm
ShopXO Server-Side Request Forgery Vulnerability Moderate
CVE-2024-6524 was published for shopxo/shopxo (Composer) Jul 5, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This... Moderate Unreviewed
CVE-2023-50952 was published Jun 30, 2024
Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter... Moderate Unreviewed
CVE-2024-37098 was published Jun 26, 2024
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing ... Moderate Unreviewed
CVE-2024-34580 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Moderate Unreviewed
CVE-2024-29173 was published Jun 26, 2024
Lobe Chat API Key Leak Moderate
CVE-2024-37895 was published for @lobehub/chat (npm) Jun 17, 2024
zhuozhiyongde
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-34111 was published for magento/community-edition (Composer) Jun 13, 2024
The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-4354 was published Jun 7, 2024
Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever Moderate
CVE-2024-3095 was published for langchain-community (pip) Jun 6, 2024
eyurtsev
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors... Moderate Unreviewed
CVE-2024-4219 was published Jun 4, 2024
Server-Side Request Forgery (SSRF) vulnerability in WPManageNinja LLC Ninja Tables.This issue... Moderate Unreviewed
CVE-2024-35635 was published Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in CreativeThemes Blocksy Companion.This issue... Moderate Unreviewed
CVE-2024-35633 was published Jun 3, 2024
Server-Side Request Forgery (SSRF) vulnerability in Church Admin.This issue affects Church Admin:... Moderate Unreviewed
CVE-2024-35637 was published Jun 3, 2024
Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions... Moderate Unreviewed
CVE-2024-30420 was published May 22, 2024
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.... Moderate Unreviewed
CVE-2024-3970 was published May 15, 2024
Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200.... Moderate Unreviewed
CVE-2024-3485 was published May 15, 2024
ITPison OMICARD EDM fails to properly filter specific URL parameter, allowing unauthenticated... Moderate Unreviewed
CVE-2024-4894 was published May 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database