GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,286
Composer 4,356
Erlang 33
GitHub Actions 22
Go 2,121
Maven 5,299
npm 3,783
NuGet 683
pip 3,465
Pub 12
RubyGems 893
Rust 892
Swift 38

Unreviewed advisories

All unreviewed 244,371

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

308 advisories

Filter by severity

Sort by

Least recently updated

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in... High Unreviewed

CVE-2021-22026 was published May 24, 2022

The vRealize Operations Manager API (8.x prior to 8.5) contains a Server Side Request Forgery in... High Unreviewed

CVE-2021-22027 was published May 24, 2022

An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion,... High Unreviewed

CVE-2020-14160 was published May 24, 2022

A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 /... High Unreviewed

CVE-2021-22726 was published May 24, 2022

Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built... High Unreviewed

CVE-2021-31216 was published May 24, 2022

SSRF vulnerability in Halo <=1.3.2 exists in the SMTP configuration, which can detect the server... High Unreviewed

CVE-2020-23079 was published May 24, 2022

A server side request forgery (SSRF) vulnerability in /ApiAdminDomainSettings.php of MipCMS 5.0.1... High Unreviewed

CVE-2020-20582 was published May 24, 2022

Server-side request forgery (SSRF) in the Podcast Importer SecondLine (podcast-importer... High Unreviewed

CVE-2020-24149 was published May 24, 2022

Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-31948, CVE... High Unreviewed

CVE-2021-31950 was published May 24, 2022

When requests to the internal network for webhooks are enabled, a server-side request forgery... High Unreviewed

CVE-2021-22214 was published May 24, 2022

An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection... High Unreviewed

CVE-2020-35970 was published May 24, 2022

Server-Side request forgery (SSRF) vulnerability in task management component in Synology... High Unreviewed

CVE-2021-33184 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible. High Unreviewed

CVE-2021-31910 was published May 24, 2022

An SSRF issue in Open Distro for Elasticsearch (ODFE) before 1.13.1.0 allows an existing... High Unreviewed

CVE-2021-31828 was published May 24, 2022

An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics... High Unreviewed

CVE-2020-22002 was published May 24, 2022

The ECT Provider component in OutSystems Platform Server 10 before 10.0.1104.0 and 11 before 11.9... High Unreviewed

CVE-2021-29357 was published May 24, 2022

Server-side request forgery in Wcms 0.3.2 let an attacker send crafted requests from the back-end... High Unreviewed

CVE-2020-24140 was published May 24, 2022

Server-side request forgery in Wcms 0.3.2 lets an attacker send crafted requests from the back... High Unreviewed

CVE-2020-24139 was published May 24, 2022

Server Side Request Forgery (SSRF) vulnerability in saveUrlAs function in ImagesService.java in... High Unreviewed

CVE-2020-19613 was published May 24, 2022

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may... High Unreviewed

CVE-2021-21975 was published May 24, 2022

An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps... High Unreviewed

CVE-2020-10252 was published May 24, 2022

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is... High Unreviewed

CVE-2020-35558 was published May 24, 2022

JetBrains TeamCity Plugin before 2020.2.85695 SSRF. Vulnerability that could potentially expose... High Unreviewed

CVE-2020-35667 was published May 24, 2022

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by file read/manipulation, which... High Unreviewed

CVE-2020-29166 was published May 24, 2022

A SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An... High Unreviewed

CVE-2020-23776 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

308 advisories