GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,147
Composer 4,333
Erlang 31
GitHub Actions 22
Go 2,095
Maven 5,265
npm 3,762
NuGet 678
pip 3,447
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,634

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

899 advisories

Filter by severity

Sort by

Least recently updated

The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed

CVE-2024-10705 was published Jan 26, 2025

The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &... Low Unreviewed

CVE-2024-13450 was published Jan 25, 2025

Server-Side Request Forgery (SSRF) vulnerability in HasThemes Extensions For CF7 allows Server... Moderate Unreviewed

CVE-2025-24695 was published Jan 24, 2025

Server-Side Request Forgery (SSRF) vulnerability in DLX Plugins Comment Edit Core – Simple... Moderate Unreviewed

CVE-2025-24703 was published Jan 24, 2025

Server-Side Request Forgery (SSRF) vulnerability in Kiboko Labs Chained Quiz allows Server Side... Moderate Unreviewed

CVE-2025-24701 was published Jan 24, 2025

A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the... Moderate Unreviewed

CVE-2024-5917 was published Nov 14, 2024

The Activity Plus Reloaded for BuddyPress plugin for WordPress is vulnerable to Blind Server-Side... Moderate Unreviewed

CVE-2024-11913 was published Jan 24, 2025

An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit... Low Unreviewed

CVE-2023-45705 was published Mar 28, 2024

A server side request forgery vulnerability was identified in Kibana where the /api/fleet... Moderate Unreviewed

CVE-2024-43710 was published Jan 23, 2025

BigFix Patch Download Plug-ins are affected by Server-Side Request Forgery (SSRF) vulnerability. ... Low Unreviewed

CVE-2024-42182 was published Jan 23, 2025

The AI Power: Complete AI Pack plugin for WordPress is vulnerable to Server-Side Request Forgery... Moderate Unreviewed

CVE-2024-13360 was published Jan 22, 2025

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated... Moderate Unreviewed

CVE-2025-0584 was published Jan 20, 2025

OtCMS <=V7.46 is vulnerable to Server-Side Request Forgery (SSRF) in /admin/read.php, which can... Moderate Unreviewed

CVE-2024-57252 was published Jan 17, 2025

The Friends plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up... Moderate Unreviewed

CVE-2024-1978 was published Feb 29, 2024

The Seraphinite Accelerator plugin for WordPress is vulnerable to Server-Side Request Forgery in... Moderate Unreviewed

CVE-2024-1568 was published Feb 28, 2024

A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the... Moderate Unreviewed

CVE-2025-0480 was published Jan 15, 2025

Server-Side Request Forgery (SSRF) vulnerability in Faizaan Gagan Course Migration for LearnDash... Moderate Unreviewed

CVE-2025-22346 was published Jan 15, 2025

Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for... High Unreviewed

CVE-2025-0474 was published Jan 14, 2025

The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator... Moderate Unreviewed

CVE-2023-6805 was published Apr 17, 2024

Veeam Backup for Microsoft Azure is vulnerable to Server-Side Request Forgery (SSRF). This may... High Unreviewed

CVE-2025-23082 was published Jan 14, 2025

The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side Request Forgery in versions... High Unreviewed

CVE-2024-4404 was published Jun 14, 2024

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Purview allows an authorized... High Unreviewed

CVE-2025-21385 was published Jan 10, 2025

A Server-Side Request Forgery vulnerability in the SonicOS SSH management interface allows a... High Unreviewed

CVE-2024-53705 was published Jan 9, 2025

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as... Moderate Unreviewed

CVE-2024-13195 was published Jan 9, 2025

I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due... Critical Unreviewed

CVE-2024-54819 was published Jan 7, 2025

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

899 advisories