Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,241
Maven
5,000+
npm
3,902
NuGet
701
pip
3,669
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,347 advisories

Loading
A vulnerability was found in PbootCMS 3.2.5. It has been classified as problematic. Affected is... Moderate Unreviewed
CVE-2025-3787 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Mail... High Unreviewed
CVE-2025-29459 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Add... High Unreviewed
CVE-2025-29460 was published Apr 18, 2025
An issue in a-blogcms 3.1.15 allows a remote attacker to obtain sensitive information via the ... High Unreviewed
CVE-2025-29461 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a... High Unreviewed
CVE-2025-29457 was published Apr 18, 2025
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change... High Unreviewed
CVE-2025-29458 was published Apr 18, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29452 was published Apr 17, 2025
An issue in Seo Panel 4.11.0 allows a remote attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-29451 was published Apr 17, 2025
Server-Side Request Forgery (SSRF) vulnerability in Apache HertzBeat. This issue affects Apache... Moderate Unreviewed
CVE-2024-56736 was published Apr 16, 2025
A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It has been classified as... Moderate Unreviewed
CVE-2025-3691 was published Apr 16, 2025
Kyverno vulnerable to SSRF via Service Calls High
GHSA-459x-q9hg-4gpq was published for github.com/kyverno/kyverno (Go) Apr 15, 2025
r0binak
CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port... Moderate Unreviewed
CVE-2025-32102 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in EPC Photography. This issue affects... Moderate Unreviewed
CVE-2025-30964 was published Apr 15, 2025
Server-Side Request Forgery (SSRF) vulnerability in WP Royal Royal Elementor Addons allows Server... Moderate Unreviewed
CVE-2025-26990 was published Apr 15, 2025
Dify v1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component... Moderate Unreviewed
CVE-2025-29720 was published Apr 14, 2025
SmartRobot from INTUMIT has a Server-Side Request Forgery vulnerability, allowing unauthenticated... High Unreviewed
CVE-2025-3572 was published Apr 14, 2025
SurrealDB bypass of deny-net flags via redirect results in server-side request forgery (SSRF) Moderate
GHSA-5q9x-554g-9jgg was published for surrealdb (Rust) Apr 11, 2025
cure53
A Server-Side Request Forgery (SSRF) vulnerability was discovered in the videx-legacy-ssl web... Moderate Unreviewed
CVE-2025-22374 was published Apr 10, 2025
In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending... Moderate Unreviewed
CVE-2025-0539 was published Apr 10, 2025
Server-Side Request Forgery (SSRF) vulnerability in Angelo Mandato PowerPress Podcasting allows... Moderate Unreviewed
CVE-2025-32691 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in QuantumCloud SEO Help allows Server Side... Moderate Unreviewed
CVE-2025-32675 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Joe Waymark allows Server Side Request... Moderate Unreviewed
CVE-2025-32487 was published Apr 9, 2025
Server-Side Request Forgery (SSRF) vulnerability in Jan Boddez IndieBlocks allows Server Side... Moderate Unreviewed
CVE-2025-31009 was published Apr 9, 2025
DotNetNuke.Core Vulnerable to Server-Side Request Forgery (SSRF) Moderate
CVE-2025-32372 was published for DotNetNuke.Core (NuGet) Apr 9, 2025
s0nnyWT valadas
david-poindexter
A vulnerability, which was classified as critical, has been found in mymagicpower AIAS 20250308.... Moderate Unreviewed
CVE-2025-3411 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database