GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via...
Critical | Unreviewed | CVE-2023-41449 was published Sep 28, 2023
An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive...
Critical | Unreviewed | CVE-2023-42398 was published Sep 15, 2023
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF).
Critical | Unreviewed | CVE-2022-42183 was published Jul 31, 2023
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery...
Critical | Unreviewed | CVE-2023-1895 was published Jul 6, 2023
Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code...
Critical | Unreviewed | CVE-2023-35175 was published Jun 30, 2023
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing
Critical | Unreviewed | CVE-2022-48477 was published Apr 24, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before...
Critical | Unreviewed | CVE-2018-17452 was published Apr 16, 2023
A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the...
Critical | Unreviewed | CVE-2023-1634 was published Mar 25, 2023
Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability.
Critical | Unreviewed | CVE-2022-46973 was published Mar 4, 2023
Unauthenticated server side request forgery in HPE Serviceguard Manager
Critical | Unreviewed | CVE-2022-37938 was published Mar 1, 2023
An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side...
Critical | Unreviewed | CVE-2022-46998 was published Jan 26, 2023
In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input...
Critical | Unreviewed | CVE-2023-23560 was published Jan 23, 2023
Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23...
Critical | Unreviewed | CVE-2022-47635 was published Dec 21, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request...
Critical | Unreviewed | CVE-2022-38708 was published Dec 19, 2022
Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when...
Critical | Unreviewed | CVE-2022-35508 was published Dec 4, 2022
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery ...
Critical | Unreviewed | CVE-2022-40842 was published Nov 22, 2022
The application was vulnerable to Server-Side Request Forgery attacks, allowing the backend...
Critical | Unreviewed | CVE-2022-40296 was published Nov 1, 2022
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on...
Critical | Unreviewed | CVE-2022-41552 was published Nov 1, 2022
kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller...
Critical | Unreviewed | CVE-2022-42149 was published Oct 18, 2022
A security issue was discovered in WeBid <=1.2.2. A Server-Side Request Forgery (SSRF)...
Critical | Unreviewed | CVE-2022-41477 was published Oct 15, 2022
ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url...
Critical | Unreviewed | CVE-2022-41497 was published Oct 14, 2022
iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter...
Critical | Unreviewed | CVE-2022-41496 was published Oct 14, 2022
ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
Critical | Unreviewed | CVE-2022-41495 was published Oct 14, 2022
A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF)...
Critical | Unreviewed | CVE-2022-40357 was published Sep 21, 2022
SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side...
Critical | Unreviewed | CVE-2022-38292 was published Sep 13, 2022