GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,996
Erlang: 29
GitHub Actions: 16
Go: 1,782
Maven: 5,000+
npm: 3,545
NuGet: 620
pip: 3,136
Pub: 10
RubyGems: 838
Rust: 795
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
3,149 advisories
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes EmpowerWP. This issue affects...
Moderate, Unreviewed. CVE-2024-34809 was published May 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7...
Moderate, Unreviewed. CVE-2024-34756 was published May 17, 2024

Cross-Site Request Forgery (CSRF) on Session Token vulnerability that could potentially lead to...
Moderate, Unreviewed. CVE-2024-23554 was published May 18, 2024

A vulnerability, which was classified as problematic, was found in SourceCodester Simple...
Moderate, Unreviewed. CVE-2024-5097 was published May 19, 2024

Duplicate Advisory: Cross-Site Request Forgery in Gradio
Moderate. GHSA-3x9g-xfj5-fq84 was published for gradio (pip) Mar 21, 2024 • withdrawn

Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files
Moderate. CVE-2024-1727 was published for gradio (pip) May 21, 2024

sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
Moderate. GHSA-6wqp-7g94-f69j was published for sensiolabs/connect (Composer) May 21, 2024

Django cross-site request forgery (CSRF) vulnerability
Moderate. CVE-2008-3909 was published for django (pip) May 2, 2022

A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11...
Moderate, Unreviewed. CVE-2023-7045 was published May 23, 2024

Silverstripe Forum Module CSRF Vulnerability
Moderate. GHSA-w8fq-xgvh-cxc2 was published for silverstripe/forum (Composer) May 23, 2024

Silverstripe CSRF vulnerability in GridFieldAddExistingAutocompleter
Moderate. GHSA-2hpc-mf4q-j885 was published for silverstripe/framework (Composer) May 23, 2024

Silverstripe Missing CSRF protection in login form
Moderate. GHSA-vj2j-6g3w-4662 was published for silverstripe/framework (Composer) May 23, 2024

Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx)...
Moderate, Unreviewed. CVE-2014-100005 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in...
Moderate, Unreviewed. CVE-2010-2594 was published May 17, 2022

Sylius Resource Bundle Cross-Site Request Forgery vulnerability
Moderate. GHSA-65v7-wg35-2qpm was published for sylius/resource-bundle (Composer) May 29, 2024

Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability
Moderate. CVE-2023-49673 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Nov 29, 2023

CSRF vulnerability in Jenkins Nomad Plugin allow SSRF
Moderate. CVE-2019-10292 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) May 13, 2022

Cross-Site Request Forgery (CSRF) vulnerability in Uploadcare Uploadcare File Uploader and...
Moderate, Unreviewed. CVE-2024-35636 was published Jun 1, 2024

Cross-Site Request Forgery (CSRF) vulnerability in JumpDEMAND Inc. ActiveDEMAND. This issue...
Moderate, Unreviewed. CVE-2024-35638 was published Jun 3, 2024

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks. Integration for Contact Form 7 and...
Moderate, Unreviewed. CVE-2024-35632 was published Jun 3, 2024

Moodle Logout CSRF in admin/tool/mfa/auth.php
Moderate. CVE-2024-34007 was published for moodle/moodle (Composer) May 31, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat. This issue affects...
Moderate, Unreviewed. CVE-2024-35673 was published Jun 5, 2024

Zendframework URL Rewrite vulnerability
Moderate. GHSA-fh7r-58q4-6387 was published for zendframework/zendframework (Composer) Jun 7, 2024

Zend-Diactoros URL Rewrite vulnerability
Moderate. GHSA-fq4p-86hh-42v9 was published for zendframework/zend-diactoros (Composer) Jun 7, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Analytify. This issue affects Analytify: from n...
Moderate, Unreviewed. CVE-2024-35689 was published Jun 8, 2024
ProTip! Advisories are also available from the GraphQL API.