GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
423 advisories
Filter by severity
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender...
High
Unreviewed
CVE-2021-3553
was published
May 24, 2022
The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was...
High
Unreviewed
CVE-2021-24150
was published
May 24, 2022
mysiteforme v2.2.1 was discovered to contain a Server-Side Request Forgery.
High
Unreviewed
CVE-2022-29309
was published
May 25, 2022
4thline cling uPnP protocol issue can lead to denial of service
High
CVE-2020-23622
was published
for
org.fourthline.cling:cling-core
(Maven)
Aug 16, 2022
Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1...
High
Unreviewed
CVE-2022-41609
was published
Nov 19, 2022
The Web Player component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS...
High
Unreviewed
CVE-2022-30579
was published
Sep 21, 2022
A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers...
High
Unreviewed
CVE-2022-25026
was published
Jan 13, 2023
GeoServer allows SSRF via the option for setting a proxy host
High
CVE-2021-40822
was published
for
org.geoserver:gs-main
(Maven)
May 3, 2022
The HubSpot WordPress plugin before 8.8.15 does not validate the proxy URL given to the proxy...
High
Unreviewed
CVE-2022-1239
was published
May 3, 2022
ProxyScotch is vulnerable to a server-side Request Forgery (SSRF)
High
CVE-2022-25850
was published
for
github.com/hoppscotch/proxyscotch
(Go)
May 3, 2022
WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulnerability because Windows...
High
Unreviewed
CVE-2019-17670
was published
May 24, 2022
Server-Side Request Forgery in scout-browser
High
CVE-2022-1592
was published
for
scout-browser
(pip)
May 6, 2022
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an...
High
Unreviewed
CVE-2022-29847
was published
May 12, 2022
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in...
High
Unreviewed
CVE-2018-13790
was published
May 13, 2022
A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). An...
High
Unreviewed
CVE-2022-42894
was published
Nov 17, 2022
Server Side Request Forgery (SSRF) in org.mitre:openid-connect-server
High
CVE-2021-26715
was published
for
org.mitre:openid-connect-server
(Maven)
May 13, 2021
Server-Side Request Forgery and Inclusion of Functionality from Untrusted Control Sphere in jsreport
High
CVE-2020-8128
was published
for
jsreport
(npm)
Apr 13, 2021
Server-side request forgery (SSRF) in Apache XmlGraphics Commons
High
CVE-2020-11988
was published
for
org.apache.xmlgraphics:xmlgraphics-commons
(Maven)
Feb 9, 2022
Authorization service vulnerable to DDos attacks in Apache CFX
High
CVE-2021-22696
was published
for
org.apache.cxf:apache-cxf
(Maven)
May 13, 2021
Server-Side Request Forgery in Apache Solr
High
CVE-2021-27905
was published
for
org.apache.solr:solr-parent
(Maven)
May 10, 2021
Server-Side Request Forgery in Spinnaker Orca
High
CVE-2020-9298
was published
for
com.netflix.spinnaker.orca:orca-core
(Maven)
May 7, 2021
Server-Side Request Forgery in node-pdf-generator
High
CVE-2020-7740
was published
for
node-pdf-generator
(npm)
May 10, 2021
Server-Side Request Forgery in phantomjs-seo
High
CVE-2020-7739
was published
for
phantomjs-seo
(npm)
May 10, 2021
Authenticated server-side request forgery in file upload via URL.
High
CVE-2021-37711
was published
for
shopware/core
(Composer)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API