Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,050
Erlang
29
GitHub Actions
19
Go
1,876
Maven
5,000+
npm
3,602
NuGet
638
pip
3,199
Pub
10
RubyGems
852
Rust
813
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5,949 advisories

Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This... Moderate Unreviewed
CVE-2024-43340 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects... Moderate Unreviewed
CVE-2024-43337 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS)... Moderate Unreviewed
CVE-2024-43339 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows... High Unreviewed
CVE-2024-43255 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms.This issue affects... Moderate Unreviewed
CVE-2024-39628 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This... Moderate Unreviewed
CVE-2024-43269 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and... Moderate Unreviewed
CVE-2024-43287 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue... Moderate Unreviewed
CVE-2024-43325 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a... Moderate Unreviewed
CVE-2024-43356 was published Aug 26, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Low Unreviewed
CVE-2024-42792 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS... Moderate Unreviewed
CVE-2024-39645 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects... Moderate Unreviewed
CVE-2024-39641 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects... Moderate Unreviewed
CVE-2024-43117 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sender Sender – Newsletter, SMS and Email... Moderate Unreviewed
CVE-2024-39657 was published Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects... Moderate Unreviewed
CVE-2024-43116 was published Aug 26, 2024
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to... High Unreviewed
CVE-2024-24469 was published Feb 5, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the... Moderate Unreviewed
CVE-2024-28678 was published Mar 13, 2024
Cross-site scripting in Swagger-UI Critical
CVE-2019-17495 was published for io.springfox:springfox-swagger-ui (Maven) Oct 15, 2019
mustafanaa
The Favicon Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Critical Unreviewed
CVE-2024-7568 was published Aug 24, 2024
The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-8120 was published Aug 24, 2024
Mattermost Cross-Site Request Forgery vulnerability Moderate
CVE-2024-40886 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF)... Critical Unreviewed
CVE-2024-42764 was published Aug 23, 2024
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a... High Unreviewed
CVE-2024-40883 was published Aug 1, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System... Moderate Unreviewed
CVE-2024-42768 was published Aug 22, 2024
Hono CSRF middleware can be bypassed using crafted Content-Type header Moderate
CVE-2024-43787 was published for hono (npm) Aug 22, 2024
wataru-chocola
ProTip! Advisories are also available from the GraphQL API