Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,050
Erlang
29
GitHub Actions
18
Go
1,871
Maven
5,000+
npm
3,600
NuGet
638
pip
3,198
Pub
10
RubyGems
852
Rust
810
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,234 advisories

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System... Moderate Unreviewed
CVE-2024-42768 was published Aug 22, 2024
Hono CSRF middleware can be bypassed using crafted Content-Type header Moderate
CVE-2024-43787 was published for hono (npm) Aug 22, 2024
wataru-chocola
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site... Moderate Unreviewed
CVE-2024-39744 was published Aug 22, 2024
Mattermost Cross-Site Request Forgery vulnerability Moderate
CVE-2024-40886 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2024-20486 was published Aug 21, 2024
The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-7647 was published Aug 21, 2024
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42606 was published Aug 20, 2024
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42603 was published Aug 20, 2024
A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System... Moderate Unreviewed
CVE-2024-42580 was published Aug 20, 2024
The BP Profile Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-7850 was published Aug 20, 2024
The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed
CVE-2023-1604 was published Aug 17, 2024
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed
CVE-2023-3408 was published Aug 17, 2024
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed
CVE-2023-3409 was published Aug 17, 2024
The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross... Moderate Unreviewed
CVE-2024-7501 was published Aug 16, 2024
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-7422 was published Aug 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet.This issue... Moderate Unreviewed
CVE-2024-43275 was published Aug 15, 2024
The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-7420 was published Aug 15, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39408 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39409 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39410 was published Aug 14, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42629 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42625 was published Aug 12, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-7645 was published Aug 12, 2024
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-7661 was published Aug 12, 2024
A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-7662 was published Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API