Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

400 advisories

Loading
The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8... Moderate Unreviewed
CVE-2016-5968 was published May 17, 2022
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to... Moderate Unreviewed
CVE-2017-9307 was published May 17, 2022
In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to... Moderate Unreviewed
CVE-2017-10973 was published May 17, 2022
The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation... Moderate Unreviewed
CVE-2022-1398 was published May 17, 2022
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba... Moderate Unreviewed
CVE-2022-23668 was published May 17, 2022
The external_request api call in App Studio (millicore) allows server side request forgery (SSRF)... Moderate Unreviewed
CVE-2017-7553 was published May 14, 2022
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management... Moderate Unreviewed
CVE-2017-16678 was published May 14, 2022
The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the... Moderate Unreviewed
CVE-2017-16865 was published May 14, 2022
Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad... Moderate Unreviewed
CVE-2018-2370 was published May 14, 2022
Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to... Moderate Unreviewed
CVE-2018-10174 was published May 14, 2022
Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in... Moderate Unreviewed
CVE-2018-1999017 was published May 14, 2022
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow... Moderate Unreviewed
CVE-2016-3718 was published May 14, 2022
An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure... Moderate Unreviewed
CVE-2016-4046 was published May 14, 2022
admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request... Moderate Unreviewed
CVE-2018-19651 was published May 14, 2022
OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. Moderate Unreviewed
CVE-2018-12609 was published May 14, 2022
The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers... Moderate Unreviewed
CVE-2018-15516 was published May 14, 2022
GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to... Moderate Unreviewed
CVE-2018-8801 was published May 14, 2022
Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a... Moderate Unreviewed
CVE-2018-9920 was published May 14, 2022
JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. Moderate Unreviewed
CVE-2018-20528 was published May 14, 2022
OX App Suite 7.8.4 and earlier allows SSRF. Moderate Unreviewed
CVE-2018-13103 was published May 14, 2022
The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and... Moderate Unreviewed
CVE-2017-9506 was published May 14, 2022
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ... Moderate Unreviewed
CVE-2017-3546 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in link preview in Synology Chat before 1.1.0... Moderate Unreviewed
CVE-2017-11148 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x... Moderate Unreviewed
CVE-2017-11149 was published May 13, 2022
Server-side request forgery (SSRF) vulnerability in file_upload.php in Synology Photo Station... Moderate Unreviewed
CVE-2017-12071 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database