Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

478 advisories

Loading
Softnext Mail SQR Expert is an email management platform, it has inadequate filtering for a... Moderate Unreviewed
CVE-2023-48379 was published Dec 15, 2023
Server-Side Request Forgery in mindsdb Moderate
CVE-2023-49795 was published for mindsdb (pip) Dec 12, 2023
sylwia-budzynska
Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache,... Moderate Unreviewed
CVE-2023-49746 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Code for Recovery 12 Step Meeting List.This... Moderate Unreviewed
CVE-2023-46641 was published Dec 7, 2023
A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low... Moderate Unreviewed
CVE-2023-6070 was published Nov 29, 2023
An issue in PublicCMS v.4.0.202302.e allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2023-48204 was published Nov 16, 2023
Server-Side Request Forgery (SSRF) in GitHub repository salesagility/suitecrm prior to 7.14.2, 8... Moderate Unreviewed
CVE-2023-6124 was published Nov 14, 2023
Server-Side Request Forgery (SSRF) vulnerability in PhonePe PhonePe Payment Solutions.This issue... Moderate Unreviewed
CVE-2022-45835 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in StylemixThemes Motors – Car Dealer,... Moderate Unreviewed
CVE-2023-46207 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in Blubrry PowerPress Podcasting plugin by... Moderate Unreviewed
CVE-2023-41239 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in Poll Maker Team Poll Maker – Best WordPress... Moderate Unreviewed
CVE-2023-34013 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in Andy Moyle Church Admin.This issue affects... Moderate Unreviewed
CVE-2023-38515 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in WPChill Download Monitor.This issue affects... Moderate Unreviewed
CVE-2023-31219 was published Nov 13, 2023
Server-Side Request Forgery (SSRF) vulnerability in Dimitar Ivanov HTTP Headers.This issue... Moderate Unreviewed
CVE-2023-37978 was published Nov 13, 2023
Sentry Next.js vulnerable to SSRF via Next.js SDK tunnel endpoint Moderate
CVE-2023-46729 was published for @sentry/nextjs (npm) Nov 9, 2023
A server-side request forgery (SSRF) vulnerability has been reported to affect several QNAP... Moderate Unreviewed
CVE-2023-39301 was published Nov 3, 2023
A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0,... Moderate Unreviewed
CVE-2023-4769 was published Nov 3, 2023
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow... Moderate Unreviewed
CVE-2023-35896 was published Nov 3, 2023
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF Moderate
CVE-2023-41339 was published for org.geoserver.web:gs-web-app (Maven) Oct 24, 2023
thomsmith remsio-syn
us3r777 mprins
Apache Shenyu Server Side Request Forgery vulnerability Moderate
CVE-2023-25753 was published for org.apache.shenyu:shenyu-admin (Maven) Oct 19, 2023
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier)... Moderate Unreviewed
CVE-2023-26366 was published Oct 13, 2023
Skype for Business Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2023-41763 was published Oct 10, 2023
SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a... Moderate Unreviewed
CVE-2023-42477 was published Oct 10, 2023
The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using... Moderate Unreviewed
CVE-2023-39854 was published Oct 9, 2023
A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1... Moderate Unreviewed
CVE-2023-44469 was published Sep 29, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database