GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
843 advisories
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High
Unreviewed
CVE-2024-40544
was published
Jul 12, 2024
PublicCMS v4.0.202302.e was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High
Unreviewed
CVE-2024-40543
was published
Jul 12, 2024
Microsoft SharePoint Server Information Disclosure Vulnerability
High
Unreviewed
CVE-2024-32987
was published
Jul 9, 2024
SAP Transportation Management (Collaboration Portal) allows an attacker with non-administrative...
Moderate
Unreviewed
CVE-2024-37171
was published
Jul 9, 2024
WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate...
Moderate
Unreviewed
CVE-2024-34689
was published
Jul 9, 2024
SAP CRM (WebClient UI Framework) allows an authenticated attacker to enumerate accessible HTTP...
Moderate
Unreviewed
CVE-2024-39598
was published
Jul 9, 2024
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20...
Moderate
Unreviewed
CVE-2024-31897
was published
Jul 8, 2024
A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server...
Moderate
Unreviewed
CVE-2024-6095
was published
Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Theme-Ruby Foxiz. This issue affects Foxiz:...
High
Unreviewed
CVE-2024-37260
was published
Jul 6, 2024
Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper. This issue affects...
Moderate
Unreviewed
CVE-2024-37208
was published
Jul 6, 2024
Volmarg Personal Management System 1.4.64 is vulnerable to SSRF (Server Side Request Forgery) via...
Critical
Unreviewed
CVE-2024-29319
was published
Jul 5, 2024
Server Side Request Forgery (SSRF) vulnerability in AdmirorFrames Joomla! extension in afGdStream...
High
Unreviewed
CVE-2024-5736
was published
Jul 3, 2024
SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious...
High
Unreviewed
CVE-2024-38472
was published
Jul 1, 2024
External server-side request vulnerability in MESbook 20221021.03 version, which could allow a...
Critical
Unreviewed
CVE-2024-6424
was published
Jul 1, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery (SSRF). This...
Moderate
Unreviewed
CVE-2023-50952
was published
Jun 30, 2024
stangirard/quivr version 0.0.236 contains a Server-Side Request Forgery (SSRF) vulnerability. The...
High
Unreviewed
CVE-2024-5885
was published
Jun 27, 2024
A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of...
High
Unreviewed
CVE-2024-5822
was published
Jun 27, 2024
Server-Side Request Forgery (SSRF) vulnerability in Blossom Themes BlossomThemes Email Newsletter...
Moderate
Unreviewed
CVE-2024-37098
was published
Jun 26, 2024
Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing ...
Moderate
Unreviewed
CVE-2024-34580
was published
Jun 26, 2024
The W3C XML Signature Syntax and Processing (XMLDsig) specification, starting with 1.0, was...
High
Unreviewed
CVE-2024-34581
was published
Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a...
Moderate
Unreviewed
CVE-2024-29173
was published
Jun 26, 2024
In WhatsUp Gold versions released before 2023.1.3, an authenticated SSRF vulnerability in Wug.UI...
High
Unreviewed
CVE-2024-5015
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability...
High
Unreviewed
CVE-2024-5014
was published
Jun 25, 2024
Adminer and AdminerEvo are vulnerable to SSRF via database connection fields. This could allow an...
Unknown
Unreviewed
CVE-2023-45195
was published
Jun 25, 2024
A Server-Side Request Forgery vulnerability was identified in GitHub Enterprise Server that...
High
Unreviewed
CVE-2024-5746
was published
Jun 21, 2024
ProTip! Advisories are also available from the GraphQL API