GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,777
Composer 4,248
Erlang 31
GitHub Actions 21
Go 2,014
Maven 5,201
npm 3,721
NuGet 662
pip 3,393
Pub 11
RubyGems 890
Rust 852
Swift 36

Unreviewed advisories

All unreviewed 236,143

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,371 advisories

Filter by severity

Sort by

Least recently updated

Cross-Site Request Forgery (CSRF) vulnerability in WPMU DEV Hummingbird.This issue affects... Moderate Unreviewed

CVE-2024-43117 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in ThimPress LearnPress.This issue affects... Moderate Unreviewed

CVE-2024-39641 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS... Moderate Unreviewed

CVE-2024-39645 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in 10up Simple Local Avatars.This issue affects... Moderate Unreviewed

CVE-2024-43116 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Saturday Drive Ninja Forms.This issue affects... Moderate Unreviewed

CVE-2024-39628 was published Aug 26, 2024

The ImageRecycle pdf & image compression plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-8120 was published Aug 24, 2024

A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System... Moderate Unreviewed

CVE-2024-42768 was published Aug 22, 2024

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 is vulnerable to cross-site... Moderate Unreviewed

CVE-2024-39744 was published Aug 22, 2024

Mattermost Cross-Site Request Forgery vulnerability Moderate

CVE-2024-40886 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed

CVE-2024-20486 was published Aug 21, 2024

The OTA Sync Booking Engine Widget plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed

CVE-2024-7647 was published Aug 21, 2024

A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System... Moderate Unreviewed

CVE-2024-42580 was published Aug 20, 2024

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-42603 was published Aug 20, 2024

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... Moderate Unreviewed

CVE-2024-42606 was published Aug 20, 2024

The BP Profile Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-7850 was published Aug 20, 2024

The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-3408 was published Aug 17, 2024

The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and... Moderate Unreviewed

CVE-2023-3409 was published Aug 17, 2024

The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed

CVE-2023-1604 was published Aug 17, 2024

The Download Plugins and Themes in ZIP from Dashboard plugin for WordPress is vulnerable to Cross... Moderate Unreviewed

CVE-2024-7501 was published Aug 16, 2024

The Theme My Login plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed

CVE-2024-7422 was published Aug 16, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Xyzscripts Insert PHP Code Snippet.This issue... Moderate Unreviewed

CVE-2024-43275 was published Aug 15, 2024

The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in... Moderate Unreviewed

CVE-2024-7420 was published Aug 15, 2024

Magento Open Source Cross-Site Request Forgery vulnerability Moderate

CVE-2024-39408 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2024-39409 was published for magento/community-edition (Composer) Aug 14, 2024

Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2024-39410 was published for magento/community-edition (Composer) Aug 14, 2024

Previous 1 2 … 5 6 7 8 9 … 134 135 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,371 advisories