GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,923
Composer 4,050
Erlang 29
GitHub Actions 19
Go 1,876
Maven 5,071
npm 3,602
NuGet 638
pip 3,199
Pub 10
RubyGems 852
Rust 813
Swift 35

Unreviewed advisories

All unreviewed 226,937

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,234 advisories

Filter by severity

Sort by

Least recently updated

REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead... Moderate Unreviewed

CVE-2024-45527 was published Sep 2, 2024

mongo-express Cross-site Request Forgery vulnerability Moderate

CVE-2023-52555 was published for mongo-express (npm) Mar 1, 2024

The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2024-8319 was published Aug 30, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira... Moderate Unreviewed

CVE-2024-23737 was published Jul 2, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended.This issue... Moderate Unreviewed

CVE-2024-43947 was published Aug 29, 2024

The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a... Moderate Unreviewed

CVE-2022-1618 was published Jan 16, 2024

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed

CVE-2024-26445 was published Feb 22, 2024

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker... Moderate Unreviewed

CVE-2024-27631 was published Apr 8, 2024

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Moderate Unreviewed

CVE-2024-42793 was published Aug 28, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28681 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28677 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28682 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28669 was published Mar 13, 2024

The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX... Moderate Unreviewed

CVE-2023-7203 was published Feb 27, 2024

Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote... Moderate Unreviewed

CVE-2024-29009 was published Mar 25, 2024

The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,... Moderate Unreviewed

CVE-2024-8200 was published Aug 27, 2024

The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-8197 was published Aug 27, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access... Moderate Unreviewed

CVE-2024-43295 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue... Moderate Unreviewed

CVE-2024-43299 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n... Moderate Unreviewed

CVE-2024-43265 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User... Moderate Unreviewed

CVE-2024-43336 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For... Moderate Unreviewed

CVE-2024-43316 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This... Moderate Unreviewed

CVE-2024-43340 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Brave Brave Popup Builder.This issue affects... Moderate Unreviewed

CVE-2024-43337 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress allows Cross-Site Scripting (XSS)... Moderate Unreviewed

CVE-2024-43339 was published Aug 26, 2024

Previous 1 2 3 4 5 … 129 130 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,234 advisories