Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,050
Erlang
29
GitHub Actions
19
Go
1,876
Maven
5,000+
npm
3,602
NuGet
638
pip
3,198
Pub
10
RubyGems
852
Rust
813
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5,949 advisories

The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross... Moderate Unreviewed
CVE-2024-7501 was published Aug 16, 2024
The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-7422 was published Aug 16, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-28670 was published Mar 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet.This issue... Moderate Unreviewed
CVE-2024-43275 was published Aug 15, 2024
The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed
CVE-2024-7420 was published Aug 15, 2024
Cross-Site Request Forgery in Spina Moderate
CVE-2024-7106 was published for spina (RubyGems) Jul 25, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... High Unreviewed
CVE-2024-26352 was published Feb 22, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed
CVE-2024-26349 was published Feb 22, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39408 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39410 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by a... Moderate Unreviewed
CVE-2024-39409 was published Aug 14, 2024
Dedecms v5.7.112 was discovered to contain a Cross-Site Request Forgery (CSRF) in the file manager. High Unreviewed
CVE-2023-52047 was published Feb 28, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42623 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42628 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42624 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42626 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42627 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42632 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42631 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-42630 was published Aug 12, 2024
Cross-Site Request Forgery (CSRF), Improper Neutralization of Input During Web Page Generation ... High Unreviewed
CVE-2024-38724 was published Aug 13, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in SourceCodester Best House Rental... High Unreviewed
CVE-2024-40476 was published Aug 12, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was found in the Kashipara Live Membership... High Unreviewed
CVE-2024-40488 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42629 was published Aug 12, 2024
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed
CVE-2024-42625 was published Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API