GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
523 advisories
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via...
Moderate | Unreviewed | CVE-2022-34013 was published Jun 24, 2022

IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request...
Moderate | Unreviewed | CVE-2021-20421 was published Jun 25, 2022

Server-Side Request Forgery in Directus
Moderate | CVE-2022-23080 was published for directus (npm) Jun 23, 2022

Server-Side Request Forgery in link-preview-js
Moderate | CVE-2022-25876 was published for link-preview-js (npm) Jul 2, 2022

A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This...
Moderate | Unreviewed | CVE-2017-20106 was published Jun 29, 2022

SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2017-9307 was published May 17, 2022

IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server...
Moderate | Unreviewed | CVE-2022-22416 was published Jul 20, 2022

OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable,...
Moderate | Unreviewed | CVE-2022-24406 was published Jul 28, 2022

SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754,...
Moderate | Unreviewed | CVE-2020-6275 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request...
Moderate | Unreviewed | CVE-2022-35282 was published Sep 29, 2022

Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate | Unreviewed | CVE-2021-43959 was published Jul 27, 2022

Nepxion Discovery vulnerable to potential Information Disclosure due to Server-Side Request Forgery
Moderate | CVE-2022-23464 was published for com.nepxion:discovery (Maven) Sep 25, 2022

The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8...
Moderate | Unreviewed | CVE-2016-5968 was published May 17, 2022

An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that...
Moderate | Unreviewed | CVE-2021-37498 was published Jan 20, 2023

In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpoint allowed internal port...
Moderate | Unreviewed | CVE-2022-46830 was published Dec 8, 2022

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially...
Moderate | Unreviewed | CVE-2022-3189 was published Dec 22, 2022

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote...
Moderate | Unreviewed | CVE-2019-8451 was published May 24, 2022

Keycloak vulnerable to Server-Side Request Forgery
Moderate | CVE-2020-10770 was published for org.keycloak:keycloak-core (Maven) May 24, 2022

WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a...
Moderate | Unreviewed | CVE-2022-3590 was published Dec 14, 2022

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local...
Moderate | Unreviewed | CVE-2020-8118 was published May 24, 2022

SysJust Syuan-Gu-Da-Shih, versions before 20191223, contain vulnerability of Request Forgery,...
Moderate | Unreviewed | CVE-2020-3938 was published May 24, 2022

An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the...
Moderate | Unreviewed | CVE-2019-20474 was published May 24, 2022

OX App Suite through 7.10.2 allows SSRF.
Moderate | Unreviewed | CVE-2019-18846 was published May 24, 2022

The Craw Data WordPress plugin through 1.0.0 does not implement nonce checks, which could allow...
Moderate | Unreviewed | CVE-2022-2912 was published Sep 17, 2022

A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave...
Moderate | Unreviewed | CVE-2020-7126 was published May 24, 2022