GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
524 advisories
Adobe Campaign version 7.3.1 (and earlier) and 8.3.9 (and earlier) are affected by a Server-Side...
Moderate
Unreviewed
CVE-2022-42343
was published
Dec 21, 2022
IBM Jazz Foundation products are vulnerable to server side request forgery (SSRF). This may allow...
Moderate
Unreviewed
CVE-2020-4974
was published
May 24, 2022
Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from...
Moderate
Unreviewed
CVE-2021-20788
was published
May 24, 2022
A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser...
Moderate
Unreviewed
CVE-2021-32603
was published
May 24, 2022
A server-side request forgery (SSRF) vulnerability in rConfig 3.9.5 has been fixed for 3.9.6....
Moderate
Unreviewed
CVE-2020-25353
was published
May 24, 2022
SSRF in URL file upload in Baserow <1.1.0 allows remote authenticated users to retrieve files...
Moderate
Unreviewed
CVE-2021-22255
was published
May 24, 2022
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is...
Moderate
Unreviewed
CVE-2021-28627
was published
May 24, 2022
The Mailchimp for WooCommerce WordPress plugin before 2.7.1 has an AJAX action that allows any...
Moderate
Unreviewed
CVE-2022-2267
was published
Aug 29, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Moderate
Unreviewed
CVE-2021-36043
was published
May 24, 2022
Server Side Request Forgery (SSRF) vulnerability exists in owncloud/user_ldap < 0.15.4 in the...
Moderate
Unreviewed
CVE-2021-40537
was published
May 24, 2022
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
Moderate
Unreviewed
CVE-2021-3758
was published
May 24, 2022
Server Side Request Forgery (SSRF) vulnerability exists in Discourse 2.3.2 and 2.6 via the email...
Moderate
Unreviewed
CVE-2020-24327
was published
May 24, 2022
The Telefication WordPress plugin is vulnerable to Open Proxy and Server-Side Request Forgery via...
Moderate
Unreviewed
CVE-2021-39339
was published
May 24, 2022
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper...
Moderate
Unreviewed
CVE-2021-21993
was published
May 24, 2022
The third party intelligence connector in Securonix SNYPR 6.3.1 Build 184295_0302 allows an...
Moderate
Unreviewed
CVE-2021-41385
was published
May 24, 2022
A SSRF issue was discovered in Concrete CMS through 8.5.5. Users can access forbidden files on...
Moderate
Unreviewed
CVE-2021-40109
was published
May 24, 2022
In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vulnerability exists in...
Moderate
Unreviewed
CVE-2021-39894
was published
May 24, 2022
Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability...
Moderate
Unreviewed
CVE-2021-37223
was published
May 24, 2022
Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF)...
Moderate
Unreviewed
CVE-2021-22033
was published
May 24, 2022
Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology...
Moderate
Unreviewed
CVE-2022-27622
was published
Oct 25, 2022
The url parameter of the /api/geojson endpoint in Metabase versions <44.5 can be used to perform...
Moderate
Unreviewed
CVE-2022-43776
was published
Oct 26, 2022
An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200.
Moderate
Unreviewed
CVE-2021-35512
was published
May 24, 2022
An issue was discovered in Hyland org.alfresco:alfresco-content-services through 6.2.2.18 and org...
Moderate
Unreviewed
CVE-2021-41792
was published
May 24, 2022
The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not have...
Moderate
Unreviewed
CVE-2022-3247
was published
Oct 25, 2022
IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to...
Moderate
Unreviewed
CVE-2021-29738
was published
May 24, 2022