GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,162
Composer 4,090
Erlang 29
GitHub Actions 19
Go 1,915
Maven 5,108
npm 3,646
NuGet 638
pip 3,262
Pub 10
RubyGems 870
Rust 821
Swift 35

Unreviewed advisories

All unreviewed 229,155

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

169 advisories

Filter by severity

Sort by

Least recently updated

An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2023-41449 was published Sep 28, 2023

An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive... Critical Unreviewed

CVE-2023-42398 was published Sep 15, 2023

Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF). Critical Unreviewed

CVE-2022-42183 was published Jul 31, 2023

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery... Critical Unreviewed

CVE-2023-1895 was published Jul 6, 2023

Certain HP LaserJet Pro print products are potentially vulnerable to Potential Remote Code... Critical Unreviewed

CVE-2023-35175 was published Jun 30, 2023

In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing Critical Unreviewed

CVE-2022-48477 was published Apr 24, 2023

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before... Critical Unreviewed

CVE-2018-17452 was published Apr 16, 2023

A vulnerability was found in OTCMS 6.72. It has been classified as critical. Affected is the... Critical Unreviewed

CVE-2023-1634 was published Mar 25, 2023

Report v0.9.8.6 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability. Critical Unreviewed

CVE-2022-46973 was published Mar 4, 2023

Unauthenticated server side request forgery in HPE Serviceguard Manager Critical Unreviewed

CVE-2022-37938 was published Mar 1, 2023

An issue in the website background of taocms v3.0.2 allows attackers to execute a Server-Side... Critical Unreviewed

CVE-2022-46998 was published Jan 26, 2023

In certain Lexmark products through 2023-01-12, SSRF can occur because of a lack of input... Critical Unreviewed

CVE-2023-23560 was published Jan 23, 2023

Wildix WMS 6 before 6.02.20221216, WMS 5 before 5.04.20221214, and WMS4 before 4.04.45396.23... Critical Unreviewed

CVE-2022-47635 was published Dec 21, 2022

IBM Cognos Analytics 11.1.7 11.2.0, and 11.2.1 could be vulnerable to a Server-Side Request... Critical Unreviewed

CVE-2022-38708 was published Dec 19, 2022

Proxmox Virtual Environment (PVE) and Proxmox Mail Gateway (PMG) are vulnerable to SSRF when... Critical Unreviewed

CVE-2022-35508 was published Dec 4, 2022

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery ... Critical Unreviewed

CVE-2022-40842 was published Nov 22, 2022

The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend... Critical Unreviewed

CVE-2022-40296 was published Nov 1, 2022

Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on... Critical Unreviewed

CVE-2022-41552 was published Nov 1, 2022

kkFileView 4.0 is vulnerable to Server-side request forgery (SSRF) via controller... Critical Unreviewed

CVE-2022-42149 was published Oct 18, 2022

A security issue was discovered in WeBid <=1.2.2. A Server-Side Request Forgery (SSRF)... Critical Unreviewed

CVE-2022-41477 was published Oct 15, 2022

ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the pkg_url... Critical Unreviewed

CVE-2022-41497 was published Oct 14, 2022

iCMS v7.0.16 was discovered to contain a Server-Side Request Forgery (SSRF) via the url parameter... Critical Unreviewed

CVE-2022-41496 was published Oct 14, 2022

ClipperCMS 1.3.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the... Critical Unreviewed

CVE-2022-41495 was published Oct 14, 2022

A security issue was discovered in Z-BlogPHP <= 1.7.2. A Server-Side Request Forgery (SSRF)... Critical Unreviewed

CVE-2022-40357 was published Sep 21, 2022

SLiMS Senayan Library Management System v9.4.2 was discovered to contain multiple Server-Side... Critical Unreviewed

CVE-2022-38292 was published Sep 13, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

169 advisories