GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,970
Composer 5,212
Erlang 40
GitHub Actions 40
Go 2,954
Maven 6,244
npm 4,606
NuGet 787
pip 4,305
Pub 12
RubyGems 984
Rust 1,121
Swift 49

Unreviewed advisories

All unreviewed 288,822

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

894 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. Moderate Unreviewed

CVE-2020-27626 was published May 24, 2022

A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019... Moderate Unreviewed

CVE-2020-24815 was published May 24, 2022

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an... Moderate Unreviewed

CVE-2020-28976 was published May 24, 2022

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8... Moderate Unreviewed

CVE-2020-24444 was published May 24, 2022

AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the... Moderate Unreviewed

CVE-2019-14476 was published May 24, 2022

JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. Moderate Unreviewed

CVE-2020-27624 was published May 24, 2022

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an... Moderate Unreviewed

CVE-2020-28978 was published May 24, 2022

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an... Moderate Unreviewed

CVE-2020-28977 was published May 24, 2022

BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF... Moderate Unreviewed

CVE-2020-25820 was published May 24, 2022

SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430,... Moderate Unreviewed

CVE-2020-6308 was published May 24, 2022

OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth... Moderate Unreviewed

CVE-2021-23927 was published May 24, 2022

OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API. Moderate Unreviewed

CVE-2020-15002 was published May 24, 2022

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server... Moderate Unreviewed

CVE-2020-27018 was published May 24, 2022

OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names... Moderate Unreviewed

CVE-2020-24700 was published May 24, 2022

IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is... Moderate Unreviewed

CVE-2020-4786 was published May 24, 2022

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions... Moderate Unreviewed

CVE-2020-12529 was published May 24, 2022

A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro... Moderate Unreviewed

CVE-2021-25236 was published May 24, 2022

IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by... Moderate Unreviewed

CVE-2020-4882 was published May 24, 2022

SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read... Moderate Unreviewed

CVE-2021-3204 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery ... Moderate Unreviewed

CVE-2021-20480 was published May 24, 2022

IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges... Moderate Unreviewed

CVE-2020-5014 was published May 24, 2022

spxmanage on certain SpinetiX devices allows requests that access unintended resources because of... Moderate Unreviewed

CVE-2020-15809 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was... Moderate Unreviewed

CVE-2021-22178 was published May 24, 2022

Affected versions of Confluence Server before 7.11.0 allow attackers to identify internal hosts... Moderate Unreviewed

CVE-2020-29445 was published May 24, 2022

Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file... Moderate Unreviewed

CVE-2021-28941 was published May 24, 2022

Previous 1…3…36 Next

Previous 1 2 3 4 5 … 35 36 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

894 advisories