GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
3,360 advisories
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows...
Moderate | Unreviewed | CVE-2024-49304 was published Oct 17, 2024
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH...
Moderate | Unreviewed | CVE-2024-23785 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai Featured Posts with Multiple...
Moderate | Unreviewed | CVE-2024-48031 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross...
Moderate | Unreviewed | CVE-2024-48037 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for...
Moderate | Unreviewed | CVE-2024-48047 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site...
Moderate | Unreviewed | CVE-2024-48038 was published Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-9352 was published Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-9351 was published Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo...
Moderate | Unreviewed | CVE-2024-47846 was published Oct 5, 2024
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2024-9649 was published Oct 16, 2024
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an...
Moderate | Unreviewed | CVE-2024-49340 was published Oct 16, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site...
Moderate | Unreviewed | CVE-2024-48278 was published Oct 15, 2024
Plone contains Cross-site Request Forgery
Moderate | CVE-2012-5500 was published for plone (pip) May 17, 2022
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions...
Moderate | Unreviewed | CVE-2024-45737 was published Oct 14, 2024
The ImagePress – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2024-9778 was published Oct 12, 2024
The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate | Unreviewed | CVE-2024-9592 was published Oct 12, 2024
The Link Library WordPress plugin before 7.2.8 does not have CSRF check when resetting library...
Moderate | Unreviewed | CVE-2021-25092 was published Feb 2, 2022
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formerly Sendinblue) plugin...
Moderate | Unreviewed | CVE-2024-8477 was published Oct 10, 2024
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2023-6501 was published Feb 12, 2024
The lasTunes WordPress plugin through 3.6.1 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2023-6499 was published Feb 12, 2024
furlongm openvpn-monitor allows CSRF to disconnect an arbitrary client
Moderate | CVE-2021-31604 was published for openvpn-monitor (pip) May 24, 2022
The AZIndex WordPress plugin through 0.8.1 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-7687 was published Sep 9, 2024
The Snapshot Backup WordPress plugin through 2.1.1 does not have CSRF check in some places, and...
Moderate | Unreviewed | CVE-2024-7689 was published Sep 9, 2024
The DN Popup WordPress plugin through 1.2.2 does not have CSRF check in place when updating its...
Moderate | Unreviewed | CVE-2024-7690 was published Sep 2, 2024
The adstxt Plugin WordPress plugin through 1.0.0 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-7892 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API