GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 29,215
Composer 5,632
Erlang 49
GitHub Actions 49
Go 3,549
Maven 6,424
npm 5,851
NuGet 917
pip 4,798
Pub 13
RubyGems 1,038
Rust 1,237
Swift 53

Unreviewed advisories

All unreviewed 298,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,532 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)... High Unreviewed

CVE-2022-3841 was published Jan 13, 2023

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request... Moderate Unreviewed

CVE-2021-39051 was published Mar 15, 2022

The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed... Moderate Unreviewed

CVE-2021-43954 was published Mar 15, 2022

Ligeo Archives Ligeo Basics as of 02_01-2022 is vulnerable to Server Side Request Forgery (SSRF)... High Unreviewed

CVE-2021-46107 was published Mar 18, 2022

An issue was discovered in MISP before 2.4.156. app/Model/Server.php does not restrict... High Unreviewed

CVE-2022-27245 was published Mar 19, 2022

The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the... Critical Unreviewed

CVE-2022-0591 was published Mar 22, 2022

Sentinel 1.8.2 is vulnerable to Server-side request forgery (SSRF). High Unreviewed

CVE-2021-44139 was published Mar 24, 2022

A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a... Critical Unreviewed

CVE-2022-0249 was published Mar 29, 2022

A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14... High Unreviewed

CVE-2022-0136 was published Mar 29, 2022

SSRF on index.php/cobrowse/proxycss/ in GitHub repository livehelperchat/livehelperchat prior to... High Unreviewed

CVE-2022-1191 was published Apr 1, 2022

Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. Moderate Unreviewed

CVE-2022-27907 was published Mar 31, 2022

MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows an attacker to interact... High Unreviewed

CVE-2021-33581 was published Apr 1, 2022

A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE... High Unreviewed

CVE-2022-0425 was published Apr 3, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14... Moderate Unreviewed

CVE-2022-1188 was published Apr 5, 2022

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. Critical Unreviewed

CVE-2022-0990 was published Apr 5, 2022

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an... High Unreviewed

CVE-2022-22339 was published Apr 9, 2022

Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. Critical Unreviewed

CVE-2022-0939 was published Apr 5, 2022

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting... Moderate Unreviewed

CVE-2020-27375 was published Apr 8, 2022

OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks... Moderate Unreviewed

CVE-2022-37313 was published Dec 26, 2022

Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls Metasys could allow an... High Unreviewed

CVE-2021-36202 was published Apr 8, 2022

Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23... Critical Unreviewed

CVE-2022-47635 was published Dec 21, 2022

A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows attackers to enumerate the... High Unreviewed

CVE-2022-27426 was published Apr 16, 2022

The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external... High Unreviewed

CVE-2022-1037 was published Apr 19, 2022

Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0. Moderate Unreviewed

CVE-2007-6758 was published Apr 21, 2022

A vulnerability in all versions of SCT/SCT Pro prior to version 14.2.2 allows a remote... Critical Unreviewed

CVE-2021-36203 was published Apr 23, 2022

Previous1…62 Next

Previous 1 2 3 4 5 … 61 62 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,532 advisories