GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
6,194 advisories
Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi...
Moderate
Unreviewed
CVE-2024-46911 was published Oct 14, 2024
A vulnerability in parisneo/lollms-webui version 9.8 allows for a Denial of Service (DOS) attack...
High
Unreviewed
CVE-2024-6959 was published Oct 13, 2024
The ImagePress – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate
Unreviewed
CVE-2024-9778 was published Oct 12, 2024
The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery...
Moderate
Unreviewed
CVE-2024-9592 was published Oct 12, 2024
The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formerly Sendinblue) plugin...
Moderate
Unreviewed
CVE-2024-8477 was published Oct 10, 2024
3DSecure 2.0 allows CSRF in the Authorization Method via modified Origin and Referer HTTP headers.
High
Unreviewed
CVE-2024-25286 was published Oct 9, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Nicejob NiceJob allows Stored XSS. This issue...
High
Unreviewed
CVE-2024-44028 was published Oct 6, 2024
Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG. This issue affects TinyPNG: from n/a...
Moderate
Unreviewed
CVE-2024-47635 was published Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies...
High
Unreviewed
CVE-2024-47644 was published Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo...
Moderate
Unreviewed
CVE-2024-47846 was published Oct 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site...
High
Unreviewed
CVE-2024-43684 was published Oct 4, 2024
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &...
Moderate
Unreviewed
CVE-2024-8520 was published Oct 4, 2024
The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain...
High
Unreviewed
CVE-2024-41987 was published Oct 3, 2024
A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a...
Moderate
Unreviewed
CVE-2024-42504 was published Oct 3, 2024
Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge...
Moderate
Unreviewed
CVE-2023-7273 was published Oct 1, 2024
Certain switch models from PLANET Technology have a web application that is vulnerable to Cross...
High
Unreviewed
CVE-2024-8458 was published Sep 30, 2024
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an...
High
Unreviewed
CVE-2024-28948 was published Sep 27, 2024
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue...
Moderate
Unreviewed
CVE-2024-9281 was published Sep 27, 2024
A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected...
Moderate
Unreviewed
CVE-2024-9282 was published Sep 27, 2024
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF)...
Moderate
Unreviewed
CVE-2024-45987 was published Sep 26, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management...
Moderate
Unreviewed
CVE-2024-45983 was published Sep 26, 2024
MZK-DP300N firmware versions 1.04 and earlier contain a cross-site request forgery vulnerability....
Moderate
Unreviewed
CVE-2024-45372 was published Sep 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dnesscarkey Use Any Font allows Cross Site...
Moderate
Unreviewed
CVE-2024-47305 was published Sep 25, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GiveWP. This issue affects GiveWP: from n/a...
Moderate
Unreviewed
CVE-2024-47315 was published Sep 25, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
Moderate
Unreviewed
CVE-2024-46600 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API.