GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,049
Erlang: 29
GitHub Actions: 18
Go: 1,871
Maven: 5,000+
npm: 3,597
NuGet: 638
pip: 3,198
Pub: 10
RubyGems: 852
Rust: 809
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
5,948 advisories
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations...
Moderate | Unreviewed | CVE-2024-5815 was published Jul 17, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some...
High | Unreviewed | CVE-2024-6075 was published Jul 15, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ...
High | Unreviewed | CVE-2024-37940 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site...
High | Unreviewed | CVE-2024-37213 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite. This issue affects...
Moderate | Unreviewed | CVE-2024-37939 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows...
High | Unreviewed | CVE-2024-35773 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO...
Moderate | Unreviewed | CVE-2024-37941 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral. This issue affects...
Moderate | Unreviewed | CVE-2024-37938 was published Jul 12, 2024

The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding...
High | Unreviewed | CVE-2024-6023 was published Jul 12, 2024

The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when updating...
High | Unreviewed | CVE-2024-6022 was published Jul 12, 2024

The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High | Unreviewed | CVE-2024-1845 was published Jul 11, 2024

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1...
Moderate | Unreviewed | CVE-2024-6649 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40329 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40331 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40332 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40334 was published Jul 10, 2024

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High | Unreviewed | CVE-2024-28828 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40328 was published Jul 10, 2024

Insecure handling of GET header parameter file included in requests being sent to an instance of...
High | Unreviewed | CVE-2024-3798 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40038 was published Jul 9, 2024

Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is...
High | Unreviewed | CVE-2024-39063 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40039 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40035 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40037 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40034 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API.