Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,119 advisories

Loading
A Cross-Site Request Forgery (CSRF) vulnerability exists in mudler/LocalAI versions up to and... Moderate Unreviewed
CVE-2024-5616 was published Jul 6, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed
CVE-2024-2233 was published Jul 3, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed
CVE-2024-2235 was published Jul 3, 2024
The Snippet Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-4543 was published Jul 3, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could... Moderate Unreviewed
CVE-2024-2040 was published Jul 3, 2024
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could... Moderate Unreviewed
CVE-2024-31902 was published Jun 30, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows... Moderate Unreviewed
CVE-2024-5935 was published Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... Moderate Unreviewed
CVE-2024-39153 was published Jun 27, 2024
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF)... Moderate Unreviewed
CVE-2021-45785 was published Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function... Moderate Unreviewed
CVE-2024-4839 was published Jun 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue... Moderate Unreviewed
CVE-2024-37198 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue... Moderate Unreviewed
CVE-2024-37118 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects... Moderate Unreviewed
CVE-2024-37227 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page.This issue... Moderate Unreviewed
CVE-2024-37230 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects... Moderate Unreviewed
CVE-2024-35771 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery... Moderate Unreviewed
CVE-2024-35770 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects... Moderate Unreviewed
CVE-2024-35772 was published Jun 21, 2024
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets,... Moderate Unreviewed
CVE-2024-4969 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n... Moderate Unreviewed
CVE-2023-25697 was published Jun 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master... Moderate Unreviewed
CVE-2023-50900 was published Jun 19, 2024
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ... Moderate Unreviewed
CVE-2024-5676 was published Jun 19, 2024
Moodle CSRF risks due to misuse of confirm_sesskey Moderate
CVE-2024-38276 was published for moodle/moodle (Composer) Jun 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects... Moderate Unreviewed
CVE-2023-47845 was published Jun 12, 2024
Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used... Moderate Unreviewed
CVE-2024-31612 was published Jun 10, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the... Moderate Unreviewed
CVE-2024-4403 was published Jun 10, 2024
ProTip! Advisories are also available from the GraphQL API