GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,370 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in Sabri Taieb Sogrid allows Privilege Escalation...
High
Unreviewed
CVE-2024-54352
was published
Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Micha I Plant A Tree allows Stored XSS.This...
High
Unreviewed
CVE-2024-54331
was published
Dec 16, 2024
The SIP Calculator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-12555
was published
Dec 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in DevriX DX Dark Site allows Stored XSS.This...
High
Unreviewed
CVE-2024-54337
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Tom Landis Fancy Roller Scroller allows Stored...
High
Unreviewed
CVE-2024-54351
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Neuralabz LTD. AutoWP allows Cross Site...
Moderate
Unreviewed
CVE-2024-54300
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in KCT AIKCT Engine Chatbot, ChatGPT, Gemini, GPT...
Moderate
Unreviewed
CVE-2024-54306
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support – WordPress Help...
Moderate
Unreviewed
CVE-2024-54321
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in AIpost AIcomments allows Cross Site Request...
Moderate
Unreviewed
CVE-2024-54307
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Michael DUMONTET eewee admin custom allows...
High
Unreviewed
CVE-2024-54248
was published
Dec 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ilGhera Woocommerce Support System allows...
Moderate
Unreviewed
CVE-2023-41686
was published
Dec 13, 2024
The Themify Store Locator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-12414
was published
Dec 13, 2024
The Hello In All Languages plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate
Unreviewed
CVE-2024-12572
was published
Dec 13, 2024
The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Cross...
Moderate
Unreviewed
CVE-2024-12526
was published
Dec 12, 2024
The HQ Rental Software plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High
Unreviewed
CVE-2024-11689
was published
Dec 12, 2024
The Password for WP plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-11419
was published
Dec 12, 2024
The dejure.org Vernetzungsfunktion plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-11417
was published
Dec 12, 2024
The web application is not protected against cross-site request forgery attacks. Therefore, an...
Moderate
Unreviewed
CVE-2024-28141
was published
Dec 11, 2024
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-12004
was published
Dec 11, 2024
Avenwu Whistle Cross-Site Request Forgery (CSRF)
High
CVE-2024-55500
was published
for
whistle
(npm)
Dec 10, 2024
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM...
High
Unreviewed
CVE-2020-28398
was published
Dec 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Karl Kiesinger Country Blocker allows Stored...
High
Unreviewed
CVE-2024-54226
was published
Dec 9, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk TH Variation Swatches allows Cross...
Moderate
Unreviewed
CVE-2023-28688
was published
Dec 9, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera allows Cross Site Request...
Moderate
Unreviewed
CVE-2023-23726
was published
Dec 9, 2024
A vulnerability was found in JFinalCMS 1.0. It has been declared as problematic. Affected by this...
Moderate
Unreviewed
CVE-2024-12349
was published
Dec 9, 2024
ProTip!
Advisories are also available from the
GraphQL API