Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

525 advisories

Loading
The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive... Moderate Unreviewed
CVE-2024-13834 was published Feb 15, 2025
Server-Side Request Forgery (SSRF) in activitypub_federation Moderate
CVE-2025-25194 was published for activitypub_federation (Rust) Feb 10, 2025
nnfrog
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56470 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56471 was published Feb 6, 2025
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x... Moderate Unreviewed
CVE-2025-25065 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Traveler Layout Essential For... Moderate Unreviewed
CVE-2025-22701 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Modules. This issue affects... Moderate Unreviewed
CVE-2024-44055 was published Jan 31, 2025
imgproxy is vulnerable to SSRF against 0.0.0.0 Moderate
CVE-2025-24354 was published for github.com/imgproxy/imgproxy (Go) Jan 27, 2025
phannguyenlong Benasin
benaubin
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-10705 was published Jan 26, 2025
Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side... Moderate Unreviewed
CVE-2025-24701 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server... Moderate Unreviewed
CVE-2025-24695 was published Jan 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Comment Edit Core – Simple... Moderate Unreviewed
CVE-2025-24703 was published Jan 24, 2025
The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed
CVE-2024-11913 was published Jan 24, 2025
A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed
CVE-2024-43710 was published Jan 23, 2025
The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery... Moderate Unreviewed
CVE-2024-13360 was published Jan 22, 2025
Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify Moderate
CVE-2025-23221 was published for @fedify/fedify (npm) Jan 21, 2025
nnfrog
The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated... Moderate Unreviewed
CVE-2025-0584 was published Jan 20, 2025
OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can... Moderate Unreviewed
CVE-2024-57252 was published Jan 17, 2025
Gomatrixserverlib Server-Side Request Forgery (SSRF) on redirects and federation Moderate
CVE-2024-52594 was published for github.com/matrix-org/gomatrixserverlib (Go) Jan 16, 2025
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation Moderate
CVE-2024-52602 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
S7evinK
A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the... Moderate Unreviewed
CVE-2025-0480 was published Jan 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash... Moderate Unreviewed
CVE-2025-22346 was published Jan 15, 2025
A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed
CVE-2024-13195 was published Jan 9, 2025
VMware Aria Automation contains a server-side request forgery (SSRF) vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22215 was published Jan 8, 2025
Server-Side Request Forgery (SSRF) vulnerability in Envato Envato Elements allows Server Side... Moderate Unreviewed
CVE-2024-56275 was published Jan 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database