Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,620 advisories

Loading
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42632 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42628 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42624 was published Aug 12, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership... High Unreviewed
CVE-2024-40488 was published Aug 12, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental... High Unreviewed
CVE-2024-40476 was published Aug 12, 2024
The MainWP Child Reports plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2024-7492 was published Aug 8, 2024
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which... High Unreviewed
CVE-2024-6720 was published Aug 6, 2024
gotortc vulnerable to Cross-Site Request Forgery High
CVE-2024-29192 was published for github.com/AlexxIT/go2rtc (Go) Aug 5, 2024
Owncast Cross-Site Request Forgery vulnerability High
CVE-2024-29026 was published for github.com/owncast/owncast (Go) Aug 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson WP GoToWebinar allows Cross-Site... High Unreviewed
CVE-2024-38776 was published Aug 2, 2024
The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2024-3238 was published Aug 2, 2024
Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a... High Unreviewed
CVE-2024-40883 was published Aug 1, 2024
A Server-Side Request Forgery (SSRF) in the Plugins Page of WonderCMS v3.4.3 allows attackers to... High Unreviewed
CVE-2024-41305 was published Jul 30, 2024
The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places,... High Unreviewed
CVE-2024-6244 was published Jul 22, 2024
Cross Site Request Forgery vulnerability in Spina CMS v.2.18.0 and before allows a remote... High Unreviewed
CVE-2024-41602 was published Jul 19, 2024
Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross... High Unreviewed
CVE-2024-40119 was published Jul 17, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some... High Unreviewed
CVE-2024-6075 was published Jul 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ... High Unreviewed
CVE-2024-37940 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows... High Unreviewed
CVE-2024-35773 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site... High Unreviewed
CVE-2024-37213 was published Jul 12, 2024
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding... High Unreviewed
CVE-2024-6023 was published Jul 12, 2024
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when updating... High Unreviewed
CVE-2024-6022 was published Jul 12, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF... High Unreviewed
CVE-2024-1845 was published Jul 11, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40332 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40334 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database