Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

423 advisories

Loading
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its... High Unreviewed
CVE-2023-6991 was published Jan 15, 2024
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1.... High Unreviewed
CVE-2024-0510 was published Jan 14, 2024
An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2023-51804 was published Jan 13, 2024
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version... High Unreviewed
CVE-2023-49471 was published Jan 10, 2024
Apache Axis Improper Input Validation vulnerability High
CVE-2023-51441 was published for axis:axis (Maven) Jan 6, 2024
ebickle
D-Tale server-side request forgery through Web uploads High
CVE-2024-21642 was published for dtale (pip) Jan 5, 2024
sylwia-budzynska
Miniflare vulnerable to Server-Side Request Forgery (SSRF) High
CVE-2023-7078 was published for miniflare (npm) Dec 29, 2023
Lekensteyn
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when... High Unreviewed
CVE-2023-50968 was published Dec 26, 2023
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side... High Unreviewed
CVE-2023-46262 was published Dec 19, 2023
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected... High Unreviewed
CVE-2023-6849 was published Dec 16, 2023
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This... High Unreviewed
CVE-2023-49159 was published Dec 15, 2023
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182 High
CVE-2023-50731 was published for mindsdb (pip) Dec 15, 2023
sylwia-budzynska
Server-Side Request Forgery (SSRF) in kubeflow/kubeflow High Unreviewed
CVE-2023-6570 was published Dec 14, 2023
SSRF & Credentials Leak High
CVE-2023-49799 was published for nuxt-api-party (npm) Dec 12, 2023
OhB00
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue... High Unreviewed
CVE-2022-45362 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —... High Unreviewed
CVE-2023-41804 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0... High Unreviewed
CVE-2023-27451 was published Nov 22, 2023
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because... High Unreviewed
CVE-2023-6199 was published Nov 21, 2023
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
WPS Server Side Request Forgery vulnerability High
CVE-2023-43795 was published for org.geoserver.extension:gs-wps-core (Maven) Oct 24, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)... High Unreviewed
CVE-2023-45966 was published Oct 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database