Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

348 advisories

Loading
IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to server-side request... Moderate Unreviewed
CVE-2021-39051 was published Mar 15, 2022
The DefaultRepositoryAdminService class in Fisheye and Crucible before version 4.8.9 allowed... Moderate Unreviewed
CVE-2021-43954 was published Mar 15, 2022
Sonatype Nexus Repository Manager 3.x before 3.38.0 allows SSRF. Moderate Unreviewed
CVE-2022-27907 was published Mar 31, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14... Moderate Unreviewed
CVE-2022-1188 was published Apr 5, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting... Moderate Unreviewed
CVE-2020-27375 was published Apr 8, 2022
OX App Suite through 7.10.6 allows SSRF because the anti-SSRF protection mechanism only checks... Moderate Unreviewed
CVE-2022-37313 was published Dec 26, 2022
Server-side request forgery (SSRF) vulnerability in feed-proxy.php in extjs 5.0.0. Moderate Unreviewed
CVE-2007-6758 was published Apr 21, 2022
IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to Server Side Request Forgery (SSRF). This may... Moderate Unreviewed
CVE-2020-4294 was published May 24, 2022
The WidgetConnector plugin in Confluence Server and Confluence Data Center before version 5.8.6... Moderate Unreviewed
CVE-2021-26072 was published May 24, 2022
Some part of SAP NetWeaver (EP Web Page Composer) does not sufficiently validate an XML document... Moderate Unreviewed
CVE-2022-28217 was published Jun 14, 2022
SAP NetWeaver, ABAP Platform and SAP Host Agent - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7... Moderate Unreviewed
CVE-2022-29612 was published Jun 15, 2022
In Recipes, versions 0.9.1 through 1.2.5 are vulnerable to Server Side Request Forgery (SSRF), in... Moderate Unreviewed
CVE-2022-23071 was published Jun 20, 2022
The GeoAnalytics feature in Qlik Sense April 2020 patch 4 allows SSRF. Moderate Unreviewed
CVE-2021-36761 was published Jun 22, 2022
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via... Moderate Unreviewed
CVE-2022-34011 was published Jun 24, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request... Moderate Unreviewed
CVE-2021-20544 was published Jun 25, 2022
A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated... Moderate Unreviewed
CVE-2022-26135 was published Jul 1, 2022
In FineCMS before 2017-07-06, application/lib/ajax/get_image_data.php has SSRF, related to... Moderate Unreviewed
CVE-2017-10973 was published May 17, 2022
OneBlog v2.3.4 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via... Moderate Unreviewed
CVE-2022-34013 was published Jun 24, 2022
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request... Moderate Unreviewed
CVE-2021-20421 was published Jun 25, 2022
A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This... Moderate Unreviewed
CVE-2017-20106 was published Jun 29, 2022
SSRF vulnerability in remotedownload.php in Allen Disk 1.6 allows remote authenticated users to... Moderate Unreviewed
CVE-2017-9307 was published May 17, 2022
IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server... Moderate Unreviewed
CVE-2022-22416 was published Jul 20, 2022
OX App Suite through 7.10.6 allows SSRF because multipart/form-data boundaries are predictable,... Moderate Unreviewed
CVE-2022-24406 was published Jul 28, 2022
SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754,... Moderate Unreviewed
CVE-2020-6275 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to server-side request... Moderate Unreviewed
CVE-2022-35282 was published Sep 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database