GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,009 advisories
Filter by severity
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2024-9665
was published
Nov 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets.This issue affects...
Moderate
Unreviewed
CVE-2024-51669
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects...
Moderate
Unreviewed
CVE-2024-52392
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute...
Moderate
Unreviewed
CVE-2022-47424
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices...
Moderate
Unreviewed
CVE-2024-52420
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User...
Moderate
Unreviewed
CVE-2024-51686
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls...
Moderate
Unreviewed
CVE-2024-43338
was published
Nov 19, 2024
The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-11118
was published
Nov 16, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6628
was published
Nov 16, 2024
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-51156
was published
Nov 15, 2024
VaeMendis - CWE-352: Cross-Site Request Forgery (CSRF)
Moderate
Unreviewed
CVE-2024-47914
was published
Nov 14, 2024
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More...
Moderate
Unreviewed
CVE-2024-10593
was published
Nov 13, 2024
The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-11143
was published
Nov 13, 2024
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi...
Moderate
Unreviewed
CVE-2021-27701
was published
Nov 13, 2024
Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink...
Moderate
Unreviewed
CVE-2024-28731
was published
Nov 13, 2024
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue...
Moderate
Unreviewed
CVE-2024-11125
was published
Nov 12, 2024
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
Moderate
Unreviewed
CVE-2024-51157
was published
Nov 8, 2024
The Featured Posts Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-10922
was published
Nov 7, 2024
The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting...
Moderate
Unreviewed
CVE-2024-9689
was published
Nov 5, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php,"...
Moderate
Unreviewed
CVE-2024-30617
was published
Nov 4, 2024
IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an...
Moderate
Unreviewed
CVE-2024-41744
was published
Nov 1, 2024
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting...
Moderate
Unreviewed
CVE-2024-39639
was published
Nov 1, 2024
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-10605
was published
Nov 1, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets...
Moderate
Unreviewed
CVE-2024-49685
was published
Oct 31, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPMobile.App allows Stored XSS.This issue...
Moderate
Unreviewed
CVE-2024-43933
was published
Oct 31, 2024
ProTip!
Advisories are also available from the
GraphQL API