Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

395 advisories

Loading
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1.... High Unreviewed
CVE-2024-0510 was published Jan 14, 2024
An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2023-51804 was published Jan 13, 2024
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version... High Unreviewed
CVE-2023-49471 was published Jan 10, 2024
Apache Axis Improper Input Validation vulnerability High
CVE-2023-51441 was published for axis:axis (Maven) Jan 6, 2024
ebickle
D-Tale server-side request forgery through Web uploads High
CVE-2024-21642 was published for dtale (pip) Jan 5, 2024
sylwia-budzynska
Miniflare vulnerable to Server-Side Request Forgery (SSRF) High
CVE-2023-7078 was published for miniflare (npm) Dec 29, 2023
Lekensteyn
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when... High Unreviewed
CVE-2023-50968 was published Dec 26, 2023
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side... High Unreviewed
CVE-2023-46262 was published Dec 19, 2023
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected... High Unreviewed
CVE-2023-6849 was published Dec 16, 2023
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This... High Unreviewed
CVE-2023-49159 was published Dec 15, 2023
Server-Side Request Forgery (SSRF) in kubeflow/kubeflow High Unreviewed
CVE-2023-6570 was published Dec 14, 2023
SSRF & Credentials Leak High
CVE-2023-49799 was published for nuxt-api-party (npm) Dec 12, 2023
OhB00
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue... High Unreviewed
CVE-2022-45362 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —... High Unreviewed
CVE-2023-41804 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0... High Unreviewed
CVE-2023-27451 was published Nov 22, 2023
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because... High Unreviewed
CVE-2023-6199 was published Nov 21, 2023
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
WPS Server Side Request Forgery vulnerability High
CVE-2023-43795 was published for org.geoserver.extension:gs-wps-core (Maven) Oct 24, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2023-45966 was published Oct 23, 2023
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by... High Unreviewed
CVE-2023-46303 was published Oct 22, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database