GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
271 advisories
Filter by severity
The JSM file_get_contents() Shortcode WordPress plugin before 2.7.1 does not validate one of its...
High
Unreviewed
CVE-2023-6991
was published
Jan 15, 2024
A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1....
High
Unreviewed
CVE-2024-0510
was published
Jan 14, 2024
An issue in rymcu forest v.0.02 allows a remote attacker to obtain sensitive information via...
High
Unreviewed
CVE-2023-51804
was published
Jan 13, 2024
Blind Server-Side Request Forgery (SSRF) vulnerability in karlomikus Bar Assistant before version...
High
Unreviewed
CVE-2023-49471
was published
Jan 10, 2024
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when...
High
Unreviewed
CVE-2023-50968
was published
Dec 26, 2023
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side...
High
Unreviewed
CVE-2023-46262
was published
Dec 19, 2023
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected...
High
Unreviewed
CVE-2023-6849
was published
Dec 16, 2023
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This...
High
Unreviewed
CVE-2023-49159
was published
Dec 15, 2023
Server-Side Request Forgery (SSRF) in kubeflow/kubeflow
High
Unreviewed
CVE-2023-6570
was published
Dec 14, 2023
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —...
High
Unreviewed
CVE-2023-41804
was published
Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue...
High
Unreviewed
CVE-2022-45362
was published
Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0...
High
Unreviewed
CVE-2023-27451
was published
Nov 22, 2023
Book Stack version 23.10.2 allows filtering local files on the server. This is possible because...
High
Unreviewed
CVE-2023-6199
was published
Nov 21, 2023
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —...
High
Unreviewed
CVE-2023-23800
was published
Nov 13, 2023
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira...
High
Unreviewed
CVE-2023-42361
was published
Nov 8, 2023
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request...
High
Unreviewed
CVE-2023-5798
was published
Oct 26, 2023
umputun remark42 version 1.12.1 and before has a Blind Server-Side Request Forgery (SSRF)...
High
Unreviewed
CVE-2023-45966
was published
Oct 23, 2023
link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by...
High
Unreviewed
CVE-2023-46303
was published
Oct 22, 2023
Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow...
High
Unreviewed
CVE-2023-3744
was published
Oct 2, 2023
The Dropbox Folder Share plugin for WordPress is vulnerable to Server-Side Request Forgery in...
High
Unreviewed
CVE-2023-3025
was published
Sep 16, 2023
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows...
High
Unreviewed
CVE-2023-36088
was published
Sep 1, 2023
The Booking Manager WordPress plugin before 2.0.29 does not validate URLs input in it's admin...
High
Unreviewed
CVE-2023-1977
was published
Aug 16, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b...
High
Unreviewed
CVE-2023-39108
was published
Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path...
High
Unreviewed
CVE-2023-39110
was published
Aug 1, 2023
rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a...
High
Unreviewed
CVE-2023-39109
was published
Aug 1, 2023
ProTip!
Advisories are also available from the
GraphQL API