GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,680

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

265 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has SSRF. Critical Unreviewed

CVE-2019-13335 was published May 24, 2022

A blind SSRF vulnerability exists in the Visualizer plugin before 3.3.1 for WordPress via wp-json... Critical Unreviewed

CVE-2019-16932 was published May 24, 2022

A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501... Critical Unreviewed

CVE-2019-6837 was published May 24, 2022

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This... Critical Unreviewed

CVE-2019-13020 was published May 24, 2022

openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. Critical Unreviewed

CVE-2019-15494 was published May 24, 2022

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php. Critical Unreviewed

CVE-2016-10927 was published May 24, 2022

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php. Critical Unreviewed

CVE-2016-10926 was published May 24, 2022

A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for... Critical Unreviewed

CVE-2019-0345 was published May 24, 2022

A Server Side Request Forgery (SSRF) vulnerability in go-camo up to version 1.1.4 allows a remote... Critical Unreviewed

CVE-2019-14255 was published May 24, 2022

Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for... Critical Unreviewed

CVE-2019-12994 was published May 24, 2022

An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras with firmware through 6400... Critical Unreviewed

CVE-2019-14704 was published May 24, 2022

An SSRF attack was possible on a JetBrains YouTrack server. The issue (1 of 2) was fixed in... Critical Unreviewed

CVE-2019-12852 was published May 24, 2022

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF,... Critical Unreviewed

CVE-2019-12153 was published May 24, 2022

Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2... Critical Unreviewed

CVE-2018-17198 was published May 24, 2022

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. Critical Unreviewed

CVE-2017-13667 was published May 24, 2022

openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request... Critical Unreviewed

CVE-2019-11066 was published May 24, 2022

Server Side Request Forgery (SSRF) exists in the Print My Blog plugin before 1.6.7 for WordPress... Critical Unreviewed

CVE-2019-11565 was published May 24, 2022

A remote server-side request forgery (ssrf) vulnerability was discovered in HPE OneView version(s... Critical Unreviewed

CVE-2022-28616 was published May 18, 2022

An issue was discovered on Accellion FTA devices before FTA_9_12_180. Because a regular... Critical Unreviewed

CVE-2017-8794 was published May 17, 2022

I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the... Critical Unreviewed

CVE-2017-1000237 was published May 17, 2022

An issue was discovered in Adobe Connect 9.6.2 and earlier versions. A Server-Side Request... Critical Unreviewed

CVE-2017-11291 was published May 17, 2022

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a... Critical Unreviewed

CVE-2022-1386 was published May 17, 2022

URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can... Critical Unreviewed

CVE-2022-1379 was published May 15, 2022

I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of... Critical Unreviewed

CVE-2018-1000138 was published May 14, 2022

SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain... Critical Unreviewed

CVE-2017-16614 was published May 14, 2022

Previous 1…8…11 Next

Previous 1 2 … 6 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

265 advisories