GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
747 advisories
Apache Ambari SSRF Vulnerability
Moderate. CVE-2015-1775 was published for org.apache.ambari:ambari (Maven) on May 17, 2022.

The Replay Server in IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8...
Moderate, Unreviewed. CVE-2016-5968 was published on May 17, 2022.

OpenStack Glance Server-Side Request Forgery (SSRF)
Moderate. CVE-2017-7200 was published for glance (pip) on May 17, 2022.

SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to...
Moderate, Unreviewed. CVE-2017-9307 was published on May 17, 2022.

In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to...
Moderate, Unreviewed. CVE-2017-10973 was published on May 17, 2022.

The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation...
Moderate, Unreviewed. CVE-2022-1398 was published on May 17, 2022.

A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba...
Moderate, Unreviewed. CVE-2022-23668 was published on May 17, 2022.

The external_request api call in App Studio (millicore) allows server side request forgery (SSRF)...
Moderate, Unreviewed. CVE-2017-7553 was published on May 14, 2022.

Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management...
Moderate, Unreviewed. CVE-2017-16678 was published on May 14, 2022.

The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the...
Moderate, Unreviewed. CVE-2017-16865 was published on May 14, 2022.

Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad...
Moderate, Unreviewed. CVE-2018-2370 was published on May 14, 2022.

Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to...
Moderate, Unreviewed. CVE-2018-10174 was published on May 14, 2022.

Server-Side Request Forgery in Jenkins Git Plugin
Moderate. CVE-2018-1000182 was published for org.jenkins-ci.plugins:git (Maven) on May 14, 2022.

Jenkins GitHub Plugin server-side request forgery vulnerability exists
Moderate. CVE-2018-1000184 was published for com.coravy.hudson.plugins.github:github (Maven) on May 14, 2022.

Jenkins CAS Plugin Server-Side Request Forgery vulnerability
Moderate. CVE-2018-1000188 was published for org.jenkins-ci.plugins:cas-plugin (Maven) on May 14, 2022.

Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery
Moderate. CVE-2018-1000185 was published for org.jenkins-ci.plugins:github-branch-source (Maven) on May 14, 2022.

URLTrigger Plugin server-side request forgery vulnerability
Moderate. CVE-2018-1000606 was published for org.jenkins-ci.plugins:urltrigger (Maven) on May 14, 2022.

Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in...
Moderate, Unreviewed. CVE-2018-1999017 was published on May 14, 2022.

Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability
Moderate. CVE-2018-1999026 was published for de.tracetronic.jenkins.plugins:ecutest (Maven) on May 14, 2022.

The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow...
Moderate, Unreviewed. CVE-2016-3718 was published on May 14, 2022.

Symfony SSRF Vulnerability via Form Component
Moderate. CVE-2017-16790 was published for symfony/form (Composer) on May 14, 2022.

Server-Side Request Forgery (SSRF) in Jenkins Confluence Publisher Plugin
Moderate. CVE-2018-1999039 was published for org.jenkins-ci.plugins:confluence-publisher (Maven) on May 14, 2022.

An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev11. The API to configure...
Moderate, Unreviewed. CVE-2016-4046 was published on May 14, 2022.

admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request...
Moderate, Unreviewed. CVE-2018-19651 was published on May 14, 2022.

Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability
Moderate. CVE-2018-1000422 was published for org.jenkins-ci.plugins:crowd2 (Maven) on May 14, 2022.
ProTip! Advisories are also available from the GraphQL API.