GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,076
Erlang: 29
GitHub Actions: 19
Go: 1,895
Maven: 5,000+
npm: 3,630
NuGet: 638
pip: 3,244
Pub: 10
RubyGems: 862
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
2,900 advisories
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could...
Moderate
Unreviewed
CVE-2024-2040 was published Jul 3, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal...
Moderate
Unreviewed
CVE-2024-39119 was published Jul 2, 2024
Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira...
Moderate
Unreviewed
CVE-2024-23737 was published Jul 2, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could...
Moderate
Unreviewed
CVE-2024-31902 was published Jun 30, 2024
The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-6405 was published Jun 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows...
Moderate
Unreviewed
CVE-2024-5935 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-39153 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-39155 was published Jun 27, 2024
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF)...
Moderate
Unreviewed
CVE-2021-45785 was published Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function...
Moderate
Unreviewed
CVE-2024-4839 was published Jun 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery...
Moderate
Unreviewed
CVE-2024-35770 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman. This issue affects...
Moderate
Unreviewed
CVE-2024-35772 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro. This issue...
Moderate
Unreviewed
CVE-2024-37118 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters. This issue affects...
Moderate
Unreviewed
CVE-2024-37227 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper. This issue...
Moderate
Unreviewed
CVE-2024-37198 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr. This issue affects...
Moderate
Unreviewed
CVE-2024-35771 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page. This issue...
Moderate
Unreviewed
CVE-2024-37230 was published Jun 21, 2024
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets,...
Moderate
Unreviewed
CVE-2024-4969 was published Jun 21, 2024
The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-4474 was published Jun 21, 2024
The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs,...
Moderate
Unreviewed
CVE-2024-4475 was published Jun 21, 2024
The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions,...
Moderate
Unreviewed
CVE-2024-4382 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GamiPress. This issue affects GamiPress: from n...
Moderate
Unreviewed
CVE-2023-25697 was published Jun 19, 2024
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ...
Moderate
Unreviewed
CVE-2024-5676 was published Jun 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider. This issue affects Master...
Moderate
Unreviewed
CVE-2023-50900 was published Jun 19, 2024
The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating...
Moderate
Unreviewed
CVE-2024-4751 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API.