GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
276 advisories
ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The...
High | Unreviewed | CVE-2021-43449 was published Jan 23, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint...
High | Unreviewed | CVE-2022-45926 was published Jan 18, 2023

RHACM: unauthenticated SSRF in console API endpoint. A Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2022-3841 was published Jan 13, 2023

A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers...
High | Unreviewed | CVE-2022-25026 was published Jan 13, 2023

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38203 was published Dec 29, 2022

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38212 was published Dec 29, 2022

Protections against potential Server-Side Request Forgery (SSRF) vulnerabilities in Esri Portal...
High | Unreviewed | CVE-2022-38211 was published Dec 29, 2022

Some Dahua software products have a vulnerability of server-side request forgery (SSRF). An...
High | Unreviewed | CVE-2022-45429 was published Dec 27, 2022

An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access...
High | Unreviewed | CVE-2022-41412 was published Nov 30, 2022

Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1...
High | Unreviewed | CVE-2022-41609 was published Nov 19, 2022

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An...
High | Unreviewed | CVE-2022-42894 was published Nov 17, 2022

kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High | Unreviewed | CVE-2022-43140 was published Nov 17, 2022

A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application...
High | Unreviewed | CVE-2022-20958 was published Nov 4, 2022

The Web Stories plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up...
High | Unreviewed | CVE-2022-3708 was published Oct 29, 2022

A vulnerability in the MiCollab Client server component of Mitel MiCollab through 9.5.0.101 could...
High | Unreviewed | CVE-2022-36451 was published Oct 25, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability.
High | Unreviewed | CVE-2022-41040 was published Oct 4, 2022

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation...
High | Unreviewed | CVE-2022-2352 was published Sep 27, 2022

The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS...
High | Unreviewed | CVE-2022-30579 was published Sep 21, 2022

A Server-Side Request Forgery (SSRF) in fetch_net_file_upload function of baijiacmsV4 v4.1.4...
High | Unreviewed | CVE-2022-38931 was published Sep 21, 2022

Appsmith v1.7.11 was discovered to allow attackers to execute an authenticated Server-Side...
High | Unreviewed | CVE-2022-38298 was published Sep 13, 2022

The All-in-One Video Gallery plugin for WordPress is vulnerable to arbitrary file downloads and...
High | Unreviewed | CVE-2022-2633 was published Sep 7, 2022

An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite ...
High | Unreviewed | CVE-2022-37041 was published Aug 13, 2022

IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4...
High | Unreviewed | CVE-2022-31776 was published Aug 2, 2022

The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor...
High | Unreviewed | CVE-2022-22982 was published Jul 14, 2022

With this SSRF vulnerability, an attacker can reach internal addresses to make a request as the...
High | Unreviewed | CVE-2022-2339 was published Jul 8, 2022
ProTip! Advisories are also available from the GraphQL API.