GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,921
Composer 4,050
Erlang 29
GitHub Actions 19
Go 1,876
Maven 5,070
npm 3,602
NuGet 638
pip 3,198
Pub 10
RubyGems 852
Rust 813
Swift 35

Unreviewed advisories

All unreviewed 226,938

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,261 advisories

Filter by severity

Sort by

Least recently updated

REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead... Moderate Unreviewed

CVE-2024-45527 was published Sep 2, 2024

The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed

CVE-2024-8319 was published Aug 30, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Jira... Moderate Unreviewed

CVE-2024-23737 was published Jul 2, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki WP Armour Extended.This issue... Moderate Unreviewed

CVE-2024-43947 was published Aug 29, 2024

The Coru LFMember WordPress plugin through 1.0.2 does not have CSRF check in place when adding a... Moderate Unreviewed

CVE-2022-1618 was published Jan 16, 2024

flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed

CVE-2024-26445 was published Feb 22, 2024

Cross Site Request Forgery vulnerability in GNU Savane v.3.12 and before allows a remote attacker... Moderate Unreviewed

CVE-2024-27631 was published Apr 8, 2024

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Music Management System... Moderate Unreviewed

CVE-2024-42793 was published Aug 28, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28681 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28677 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28682 was published Mar 13, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-28669 was published Mar 13, 2024

The Smart Forms WordPress plugin before 2.6.87 does not have authorisation in various AJAX... Moderate Unreviewed

CVE-2023-7203 was published Feb 27, 2024

Cross-site request forgery (CSRF) vulnerability in easy-popup-show all versions allows a remote... Moderate Unreviewed

CVE-2024-29009 was published Mar 25, 2024

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute... High Unreviewed

CVE-2024-22939 was published Feb 29, 2024

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before... High Unreviewed

CVE-2024-45264 was published Aug 27, 2024

The Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor,... Moderate Unreviewed

CVE-2024-8200 was published Aug 27, 2024

The Visual Sound plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed

CVE-2024-8197 was published Aug 27, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access... Moderate Unreviewed

CVE-2024-43295 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Team SpeedyCache.This issue... Moderate Unreviewed

CVE-2024-43299 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n... Moderate Unreviewed

CVE-2024-43265 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This... High Unreviewed

CVE-2024-43301 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WP User Manager.This issue affects WP User... Moderate Unreviewed

CVE-2024-43336 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Checkout Plugins Stripe Payments For... Moderate Unreviewed

CVE-2024-43316 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Nasirahmed Advanced Form Integration.This... Moderate Unreviewed

CVE-2024-43340 was published Aug 26, 2024

Previous 1 2 3 4 5 … 210 211 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,261 advisories