Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,230 advisories

Loading
The Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin for WordPress is... Moderate Unreviewed
CVE-2025-1043 was published Feb 20, 2025
The web server receives a URL or similar request from an upstream component and retrieves the... High Unreviewed
CVE-2024-37359 was published Feb 20, 2025
SSRF in sliver teamserver Moderate
CVE-2025-27090 was published for github.com/bishopfox/sliver (Go) Feb 19, 2025
chebuya
A vulnerability was found in kasuganosoras Pigeon 1.0.177. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-1447 was published Feb 19, 2025
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13741 was published Feb 18, 2025
Server-side request forgery (SSRF) vulnerability exists in FileMegane versions above 3.0.0.0... High Unreviewed
CVE-2025-20075 was published Feb 18, 2025
The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up... Moderate Unreviewed
CVE-2024-13879 was published Feb 17, 2025
The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive... Moderate Unreviewed
CVE-2024-13834 was published Feb 15, 2025
Label Studio allows Server-Side Request Forgery in the S3 Storage Endpoint High
CVE-2025-25297 was published for label-studio (pip) Feb 14, 2025
xbow-security
Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server allows... High Unreviewed
CVE-2025-26494 was published Feb 11, 2025
Dell UCC Edge, version 2.3.0, contains a Blind SSRF on Add Customer SFTP Server vulnerability. An... High Unreviewed
CVE-2025-22399 was published Feb 11, 2025
A vulnerability has been identified in Opcenter Intelligence (All versions < V2501). Server-side... High Unreviewed
CVE-2025-26491 was published Feb 11, 2025
SolarWinds Platform is affected by server-side request forgery vulnerability. Proper input... Low Unreviewed
CVE-2024-52606 was published Feb 11, 2025
Server-side Request Forgery (SSRF) in hackney Low
CVE-2025-1211 was published for hackney (Erlang) Feb 11, 2025
benoitc
Server-Side Request Forgery (SSRF) in activitypub_federation Moderate
CVE-2025-25194 was published for activitypub_federation (Rust) Feb 10, 2025
nnfrog
Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales allows an authorized attacker... High Unreviewed
CVE-2025-21177 was published Feb 7, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56471 was published Feb 6, 2025
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2024-56470 was published Feb 6, 2025
SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x... Moderate Unreviewed
CVE-2025-25065 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Traveler Layout Essential For... Moderate Unreviewed
CVE-2025-22701 was published Feb 3, 2025
Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Modules. This issue affects... Moderate Unreviewed
CVE-2024-44055 was published Jan 31, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.5 prior to... Low Unreviewed
CVE-2023-6195 was published Jan 31, 2025
imgproxy is vulnerable to SSRF against 0.0.0.0 Moderate
CVE-2025-24354 was published for github.com/imgproxy/imgproxy (Go) Jan 27, 2025
phannguyenlong Benasin
benaubin
The Multiple Page Generator Plugin – MPG plugin for WordPress is vulnerable to Server-Side... Moderate Unreviewed
CVE-2024-10705 was published Jan 26, 2025
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &... Low Unreviewed
CVE-2024-13450 was published Jan 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database