GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+
5,973 advisories
Filter by severity
Cross-site scripting in Swagger-UI
Critical
CVE-2019-17495
was published
for
io.springfox:springfox-swagger-ui
(Maven)
Oct 15, 2019
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the...
Moderate
Unreviewed
CVE-2024-28678
was published
Mar 13, 2024
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to...
High
Unreviewed
CVE-2024-24469
was published
Feb 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS...
Moderate
Unreviewed
CVE-2024-39645
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects...
Moderate
Unreviewed
CVE-2024-39641
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects...
Moderate
Unreviewed
CVE-2024-43117
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sender Sender – Newsletter, SMS and Email...
Moderate
Unreviewed
CVE-2024-39657
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects...
Moderate
Unreviewed
CVE-2024-43116
was published
Aug 26, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Low
Unreviewed
CVE-2024-42792
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This...
Moderate
Unreviewed
CVE-2024-43269
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide.This issue affects oik: from n/a...
Moderate
Unreviewed
CVE-2024-43356
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and...
Moderate
Unreviewed
CVE-2024-43287
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Naiche Dark Mode for WP Dashboard.This issue...
Moderate
Unreviewed
CVE-2024-43325
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows...
High
Unreviewed
CVE-2024-43255
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms.This issue affects...
Moderate
Unreviewed
CVE-2024-39628
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS)...
Moderate
Unreviewed
CVE-2024-43339
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access...
Moderate
Unreviewed
CVE-2024-43295
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue...
Moderate
Unreviewed
CVE-2024-43299
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User...
Moderate
Unreviewed
CVE-2024-43336
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This...
Moderate
Unreviewed
CVE-2024-43340
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects...
Moderate
Unreviewed
CVE-2024-43337
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This...
High
Unreviewed
CVE-2024-43301
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For...
Moderate
Unreviewed
CVE-2024-43316
was published
Aug 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n...
Moderate
Unreviewed
CVE-2024-43265
was published
Aug 26, 2024
The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
Moderate
Unreviewed
CVE-2024-8197
was published
Aug 27, 2024
ProTip!
Advisories are also available from the
GraphQL API