GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,431 advisories
Filter by severity
Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site...
Moderate
Unreviewed
CVE-2024-49275
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site...
Moderate
Unreviewed
CVE-2024-49290
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross...
Moderate
Unreviewed
CVE-2024-49274
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right...
Moderate
Unreviewed
CVE-2024-49306
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Streamline.Lv CartBounty – Save and recover...
Moderate
Unreviewed
CVE-2024-47634
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows...
Moderate
Unreviewed
CVE-2024-49250
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget...
Moderate
Unreviewed
CVE-2024-49628
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross...
Moderate
Unreviewed
CVE-2024-49627
was published
Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site...
Moderate
Unreviewed
CVE-2024-49272
was published
Oct 20, 2024
The EventON PRO - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2023-6243
was published
Oct 19, 2024
The Infinite-Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-10040
was published
Oct 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows...
Moderate
Unreviewed
CVE-2024-49304
was published
Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross...
Moderate
Unreviewed
CVE-2024-48037
was published
Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sumit Surai Featured Posts with Multiple...
Moderate
Unreviewed
CVE-2024-48031
was published
Oct 17, 2024
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH...
Moderate
Unreviewed
CVE-2024-23785
was published
Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for...
Moderate
Unreviewed
CVE-2024-48047
was published
Oct 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Hans Matzen wp-Monalisa allows Cross Site...
Moderate
Unreviewed
CVE-2024-48038
was published
Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9352
was published
Oct 17, 2024
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-9351
was published
Oct 17, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro...
Moderate
Unreviewed
CVE-2024-48758
was published
Oct 16, 2024
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2024-9649
was published
Oct 16, 2024
IBM Watson Studio Local 1.2.3 is vulnerable to cross-site request forgery which could allow an...
Moderate
Unreviewed
CVE-2024-49340
was published
Oct 16, 2024
Hono allows bypass of CSRF Middleware by a request without Content-Type header.
Moderate
CVE-2024-48913
was published
for
hono
(npm)
Oct 15, 2024
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site...
Moderate
Unreviewed
CVE-2024-48278
was published
Oct 15, 2024
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions...
Moderate
Unreviewed
CVE-2024-45737
was published
Oct 14, 2024
ProTip!
Advisories are also available from the
GraphQL API