GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,184
Composer 4,340
Erlang 31
GitHub Actions 22
Go 2,101
Maven 5,279
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 885
Swift 37

Unreviewed advisories

All unreviewed 242,936

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

180 advisories

Filter by severity

Sort by

Least recently updated

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery ... Critical Unreviewed

CVE-2022-40842 was published Nov 22, 2022

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend... Critical Unreviewed

CVE-2022-40296 was published Nov 1, 2022

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on... Critical Unreviewed

CVE-2022-41552 was published Nov 1, 2022

kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller... Critical Unreviewed

CVE-2022-42149 was published Oct 18, 2022

A security issue was discovered in WeBid <=1.2.2. A Server-Side Request Forgery (SSRF)... Critical Unreviewed

CVE-2022-41477 was published Oct 15, 2022

ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url... Critical Unreviewed

CVE-2022-41497 was published Oct 14, 2022

iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter... Critical Unreviewed

CVE-2022-41496 was published Oct 14, 2022

ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Critical Unreviewed

CVE-2022-41495 was published Oct 14, 2022

A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF)... Critical Unreviewed

CVE-2022-40357 was published Sep 21, 2022

SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side... Critical Unreviewed

CVE-2022-38292 was published Sep 13, 2022

A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate... Critical Unreviewed

CVE-2022-40305 was published Sep 10, 2022

Server-side Request Forgery (SSRF) vulnerability in PublicCMS before 4.0.202011.b via /publiccms... Critical Unreviewed

CVE-2021-27693 was published Sep 3, 2022

wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the... Critical Unreviewed

CVE-2022-35583 was published Aug 23, 2022

Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via... Critical Unreviewed

CVE-2022-25801 was published Jul 15, 2022

Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via... Critical Unreviewed

CVE-2022-25800 was published Jul 15, 2022

Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template... Critical Unreviewed

CVE-2022-32995 was published Jun 28, 2022

flatCore-CMS version 2.0.8 calls dangerous functions, causing server-side request forgery... Critical Unreviewed

CVE-2021-41403 was published Jun 16, 2022

A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows... Critical Unreviewed

CVE-2021-40604 was published Jun 14, 2022

MonstaFTP v2.10.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the function... Critical Unreviewed

CVE-2022-31827 was published Jun 10, 2022

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via... Critical Unreviewed

CVE-2022-31390 was published Jun 10, 2022

Jizhicms v2.2.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via... Critical Unreviewed

CVE-2022-31393 was published Jun 10, 2022

A Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows... Critical Unreviewed

CVE-2022-31386 was published Jun 10, 2022

The server in Jamf Pro before 10.32.0 has a vulnerability affecting integrity and availability,... Critical Unreviewed

CVE-2021-39303 was published May 24, 2022

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1... Critical Unreviewed

CVE-2021-27561 was published May 24, 2022

Myucms v2.2.1 contains a server-side request forgery (SSRF) in the component \controller\index... Critical Unreviewed

CVE-2020-21653 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

180 advisories