Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

700 advisories

Loading
Because of no validation on a curl command in MagpieRSS 0.72 in the /extlib/Snoopy.class.inc file... Moderate Unreviewed
CVE-2021-28941 was published May 24, 2022
Affected versions of Confluence Server before 7.11.0 allow attackers to identify internal hosts... Moderate Unreviewed
CVE-2020-29445 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.2. Gitlab was... Moderate Unreviewed
CVE-2021-22178 was published May 24, 2022
spxmanage on certain SpinetiX devices allows requests that access unintended resources because of... Moderate Unreviewed
CVE-2020-15809 was published May 24, 2022
IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges... Moderate Unreviewed
CVE-2020-5014 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5 is vulnerable to server-side request forgery ... Moderate Unreviewed
CVE-2021-20480 was published May 24, 2022
SSRF in the document conversion component of Webware Webdesktop 5.1.15 allows an attacker to read... Moderate Unreviewed
CVE-2021-3204 was published May 24, 2022
IBM Planning Analytics 2.0 could be vulnerable to a Server-Side Request Forgery (SSRF) attack by... Moderate Unreviewed
CVE-2020-4882 was published May 24, 2022
A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro... Moderate Unreviewed
CVE-2021-25236 was published May 24, 2022
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions... Moderate Unreviewed
CVE-2020-12529 was published May 24, 2022
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is... Moderate Unreviewed
CVE-2020-4786 was published May 24, 2022
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server... Moderate Unreviewed
CVE-2020-27018 was published May 24, 2022
OX App Suite through 7.10.3 allows SSRF because GET requests are sent to arbitrary domain names... Moderate Unreviewed
CVE-2020-24700 was published May 24, 2022
OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API. Moderate Unreviewed
CVE-2020-15002 was published May 24, 2022
OX App Suite through 7.10.4 allows SSRF via a URL with an @ character in an appsuite/api/oauth... Moderate Unreviewed
CVE-2021-23927 was published May 24, 2022
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430,... Moderate Unreviewed
CVE-2020-6308 was published May 24, 2022
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF... Moderate Unreviewed
CVE-2020-25820 was published May 24, 2022
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an... Moderate Unreviewed
CVE-2020-28977 was published May 24, 2022
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. It allows an... Moderate Unreviewed
CVE-2020-28978 was published May 24, 2022
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. Moderate Unreviewed
CVE-2020-27624 was published May 24, 2022
AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the... Moderate Unreviewed
CVE-2019-14476 was published May 24, 2022
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8... Moderate Unreviewed
CVE-2020-24444 was published May 24, 2022
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. It allows an... Moderate Unreviewed
CVE-2020-28976 was published May 24, 2022
A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019... Moderate Unreviewed
CVE-2020-24815 was published May 24, 2022
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. Moderate Unreviewed
CVE-2020-27626 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database