GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,056
Erlang: 29
GitHub Actions: 19
Go: 1,889
Maven: 5,000+
npm: 3,618
NuGet: 638
pip: 3,231
Pub: 10
RubyGems: 854
Rust: 817
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
5,973 advisories
The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,...
Moderate | Unreviewed | CVE-2024-8200 was published Aug 27, 2024

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before...
High | Unreviewed | CVE-2024-45264 was published Aug 27, 2024

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute...
High | Unreviewed | CVE-2024-22939 was published Feb 29, 2024

The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX...
Moderate | Unreviewed | CVE-2023-7203 was published Feb 27, 2024

Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote...
Moderate | Unreviewed | CVE-2024-29009 was published Mar 25, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-28669 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-28682 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-28677 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-28681 was published Mar 13, 2024

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System...
Moderate | Unreviewed | CVE-2024-42793 was published Aug 28, 2024

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker...
Moderate | Unreviewed | CVE-2024-27631 was published Apr 8, 2024

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
Moderate | Unreviewed | CVE-2024-26445 was published Feb 22, 2024

The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a...
Moderate | Unreviewed | CVE-2022-1618 was published Jan 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended. This issue...
Moderate | Unreviewed | CVE-2024-43947 was published Aug 29, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira...
Moderate | Unreviewed | CVE-2024-23737 was published Jul 2, 2024

The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up...
Moderate | Unreviewed | CVE-2024-8319 was published Aug 30, 2024

mongo-express Cross-site Request Forgery vulnerability
Moderate | CVE-2023-52555 was published for mongo-express (npm) Mar 1, 2024

REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead...
Moderate | Unreviewed | CVE-2024-45527 was published Sep 2, 2024

WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery...
Moderate | Unreviewed | CVE-2024-45269 was published Sep 2, 2024

WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery...
Moderate | Unreviewed | CVE-2024-45270 was published Sep 2, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src...
High | Unreviewed | CVE-2024-30965 was published Apr 2, 2024

A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified...
Moderate | Unreviewed | CVE-2024-8414 was published Sep 4, 2024

An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to...
Moderate | Unreviewed | CVE-2024-45172 was published Sep 4, 2024

The WP Plugin Lister WordPress plugin through 2.1.0 does not have CSRF check in some places, and...
Moderate | Unreviewed | CVE-2023-6503 was published Jan 29, 2024

Cross-site Request Forgery (CSRF) vulnerability in Lychee version 3.1.6, allows remote attackers...
High | Unreviewed | CVE-2024-25808 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API.