Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

651 advisories

Loading
Server-Side Request Forgery (SSRF) vulnerability in Ankur Vishwakarma WP AVCL Automation Helper ... Moderate Unreviewed
CVE-2025-46531 was published Apr 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode allows... Moderate Unreviewed
CVE-2025-46511 was published Apr 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in josheli Simple Google Photos Grid allows... Moderate Unreviewed
CVE-2025-46503 was published Apr 24, 2025
Server-Side Request Forgery (SSRF) vulnerability in Adam Pery Animate allows Server Side Request... Moderate Unreviewed
CVE-2025-46443 was published Apr 24, 2025
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to server-side request forgery (SSRF).... Moderate Unreviewed
CVE-2025-27907 was published Apr 22, 2025
Crawl4AI SSRF vulnerability Moderate
CVE-2025-28197 was published for Crawl4AI (pip) Apr 18, 2025
A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is... Moderate Unreviewed
CVE-2025-3787 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29456 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29453 was published Apr 18, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29455 was published Apr 17, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29450 was published Apr 17, 2025
An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via... Moderate Unreviewed
CVE-2025-29449 was published Apr 17, 2025
An issue in personal-management-system Personal Management System 1.4.65 allows a remote attacker... Moderate Unreviewed
CVE-2025-29454 was published Apr 17, 2025
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache... Moderate Unreviewed
CVE-2024-56736 was published Apr 16, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port... Moderate Unreviewed
CVE-2025-32102 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in EPC Photography. This issue affects... Moderate Unreviewed
CVE-2025-30964 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server... Moderate Unreviewed
CVE-2025-26990 was published Apr 15, 2025
Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed
CVE-2025-29720 was published Apr 14, 2025
SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF) Moderate
GHSA-5q9x-554g-9jgg was published for surrealdb (Rust) Apr 11, 2025
cure53
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web... Moderate Unreviewed
CVE-2025-22374 was published Apr 10, 2025
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending... Moderate Unreviewed
CVE-2025-0539 was published Apr 10, 2025
Server-Side Request Forgery (SSRF) vulnerability in QuantumCloud SEO Help allows Server Side... Moderate Unreviewed
CVE-2025-32675 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows... Moderate Unreviewed
CVE-2025-32691 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request... Moderate Unreviewed
CVE-2025-32487 was published Apr 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database