Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

478 advisories

Loading
A vulnerability classified as critical was found in IPC Unigy Management System 04.03.00.08.0027.... Moderate Unreviewed
CVE-2024-11618 was published Nov 22, 2024
safeurl-python contains Server-Side Request Forgery Moderate
CVE-2023-24622 was published for safeurl-python (pip) Jan 27, 2023
whoissecure
Server-Side Request Forgery in mindsdb Moderate
CVE-2023-49795 was published for mindsdb (pip) Dec 12, 2023
sylwia-budzynska
Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections Moderate
CVE-2023-47116 was published for label-studio (pip) Jan 31, 2024
alex-elttam isacaya
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related... Moderate Unreviewed
CVE-2024-36458 was published Jul 15, 2024
Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary... Moderate Unreviewed
CVE-2024-10524 was published Nov 19, 2024
req may send an unintended request when a malformed URL is provided Moderate
CVE-2024-45258 was published for github.com/imroc/req (Go) Aug 26, 2024
Server Side Request Forgery (SSRF) attack in Fedify Moderate
CVE-2024-39687 was published for @fedify/fedify (npm) Jul 5, 2024
ThisIsMissEm
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the... Moderate Unreviewed
CVE-2024-5917 was published Nov 14, 2024
The urllib.parse.urlsplit() and urlparse() functions improperly validated bracketed hosts (`[]`),... Moderate Unreviewed
CVE-2024-11168 was published Nov 13, 2024
The server responded with an HTTP status of 500, indicating a server-side error that may cause... Moderate Unreviewed
CVE-2024-30125 was published Jul 18, 2024
Server-Side Request Forgery (SSRF) vulnerability in I Thirteen Web Solution Responsive Filterable... Moderate Unreviewed
CVE-2024-51785 was published Nov 9, 2024
The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions... Moderate Unreviewed
CVE-2024-10814 was published Nov 9, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. Moderate Unreviewed
CVE-2024-46947 was published Nov 8, 2024
Server Side Request Forgery (SSRF) vulnerability in Likeshop before 2.5.7 allows attackers to... Moderate Unreviewed
CVE-2024-24028 was published Mar 21, 2024
gradio Server Side Request Forgery vulnerability Moderate
CVE-2024-48052 was published for gradio (pip) Nov 5, 2024
There is an SSRF vulnerability in the Fluid Topics platform that affects versions prior to 4.3,... Moderate Unreviewed
CVE-2023-31456 was published Jul 16, 2024
Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin.This issue affects... Moderate Unreviewed
CVE-2024-39637 was published Aug 2, 2024
Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows... Moderate Unreviewed
CVE-2024-51665 was published Nov 4, 2024
xtreme1 <= v0.9.1 contains a Server-Side Request Forgery (SSRF) vulnerability in the /api/data... Moderate Unreviewed
CVE-2024-48346 was published Oct 30, 2024
A Server-Side Request Forgery (SSRF) vulnerability has been identified in eladmin 2.7 and earlier... Moderate Unreviewed
CVE-2024-51242 was published Oct 30, 2024
An issue was found in mipjz 5.0.5. In the mipPost method of \app\setting\controller\ApiAdminTool... Moderate Unreviewed
CVE-2024-48232 was published Oct 25, 2024
SparkShop <=1.1.7 is vulnerable to server-side request forgery (SSRF). This vulnerability allows... Moderate Unreviewed
CVE-2024-48107 was published Oct 28, 2024
An arbitrary file upload vulnerability in Huly Platform v0.6.295 allows attackers to execute... Moderate Unreviewed
CVE-2024-48450 was published Oct 25, 2024
An issue was discovered in mipjz 5.0.5. In the push method of app\tag\controller\ApiAdminTag.php... Moderate Unreviewed
CVE-2024-48234 was published Oct 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database