GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
510 advisories
A Server-Side Request Forgery (SSRF) in Rocket TRUfusion Portal v7.9.2.1 allows remote attackers...
High | Unreviewed | CVE-2022-25026 was published Jan 13, 2023

An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint...
High | Unreviewed | CVE-2022-45926 was published Jan 18, 2023

Browsershot Server-Side Request Forgery (SSRF) via setURL() Function
High | CVE-2025-3192 was published for spatie/browsershot (Composer) Apr 4, 2025

Apache CXF: SSRF vulnerability via WADL stylesheet parameter
High | CVE-2024-29736 was published for org.apache.cxf:cxf-rt-rs-service-description (Maven) Jul 19, 2024

ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side Request Forgery (SSRF). The...
High | Unreviewed | CVE-2021-43449 was published Jan 23, 2023

axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL
High | CVE-2025-27152 was published for axios (npm) Mar 7, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress...
High | Unreviewed | CVE-2025-1912 was published Mar 26, 2025

nossrf Server-Side Request Forgery (SSRF)
High | CVE-2025-2691 was published for nossrf (npm) Mar 23, 2025

A Server-Side Request Forgery (SSRF) vulnerability in SMA1000 appliance firmware versions 12.4.3...
High | Unreviewed | CVE-2024-45317 was published Oct 11, 2024

The Export and Import Users and Customers plugin for WordPress is vulnerable to Server-Side...
High | Unreviewed | CVE-2025-1970 was published Mar 22, 2025

Open WebUI has SSRF in /openai/models
High | CVE-2024-7959 was published for open-webui (pip) Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability
High | CVE-2024-12376 was published for fschat (pip) Mar 20, 2025

FastChat Server-Side Request Forgery vulnerability
High | CVE-2024-11603 was published for fschat (pip) Mar 20, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Server-Side...
High | Unreviewed | CVE-2024-13923 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of...
High | Unreviewed | CVE-2025-0454 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability exists in the latest version of vanna-ai/vanna...
High | Unreviewed | CVE-2024-8099 was published Mar 20, 2025

A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting...
High | Unreviewed | CVE-2024-12068 was published Mar 20, 2025

comfyanonymous/comfyui version v0.2.4 suffers from a non-blind Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2024-12882 was published Mar 20, 2025

A vulnerability in haotian-liu/llava version 1.2.0 (LLaVA-1.6) allows for Server-Side Request...
High | Unreviewed | CVE-2024-11449 was published Mar 20, 2025

GPT Academic version 3.83 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability...
High | Unreviewed | CVE-2024-11030 was published Mar 20, 2025

parisneo/lollms-webui version V13 (feather) suffers from a Server-Side Request Forgery (SSRF)...
High | Unreviewed | CVE-2024-12766 was published Mar 20, 2025

** UNSUPPORTED WHEN ASSIGNED ** Server-Side Request Forgery (SSRF) vulnerability in Apache IoTDB...
High | Unreviewed | CVE-2024-36448 was published Aug 5, 2024

PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file
High | CVE-2024-45290 was published for phpoffice/phpexcel (Composer) Oct 7, 2024

Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Spectra. This issue affects...
High | Unreviewed | CVE-2023-36679 was published Mar 28, 2024

A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of SUCMS v1.0 allows...
High | Unreviewed | CVE-2025-25760 was published Feb 27, 2025

ProTip! Advisories are also available from the GraphQL API