GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,985
Erlang: 29
GitHub Actions: 16
Go: 1,771
Maven: 4,995
npm: 3,541
NuGet: 617
pip: 3,120
Pub: 10
RubyGems: 838
Rust: 788
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
3,137 advisories
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr. This issue affects...
Moderate | Unreviewed | CVE-2024-35771 was published Jun 21, 2024

Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters. This issue affects...
Moderate | Unreviewed | CVE-2024-37227 was published Jun 21, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery...
Moderate | Unreviewed | CVE-2024-35770 was published Jun 21, 2024

Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman. This issue affects...
Moderate | Unreviewed | CVE-2024-35772 was published Jun 21, 2024

Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro. This issue...
Moderate | Unreviewed | CVE-2024-37118 was published Jun 21, 2024

Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper. This issue...
Moderate | Unreviewed | CVE-2024-37198 was published Jun 21, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page. This issue...
Moderate | Unreviewed | CVE-2024-37230 was published Jun 21, 2024

The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets,...
Moderate | Unreviewed | CVE-2024-4969 was published Jun 21, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs,...
Moderate | Unreviewed | CVE-2024-4475 was published Jun 21, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-4474 was published Jun 21, 2024

The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions,...
Moderate | Unreviewed | CVE-2024-4382 was published Jun 21, 2024

Cross-Site Request Forgery (CSRF) vulnerability in GamiPress. This issue affects GamiPress: from n...
Moderate | Unreviewed | CVE-2023-25697 was published Jun 19, 2024

The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ...
Moderate | Unreviewed | CVE-2024-5676 was published Jun 19, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider. This issue affects Master...
Moderate | Unreviewed | CVE-2023-50900 was published Jun 19, 2024

Moodle CSRF risks due to misuse of confirm_sesskey
Moderate | CVE-2024-38276 was published for moodle/moodle (Composer) Jun 18, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save. This issue affects...
Moderate | Unreviewed | CVE-2023-47845 was published Jun 12, 2024

Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used...
Moderate | Unreviewed | CVE-2024-31612 was published Jun 10, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the...
Moderate | Unreviewed | CVE-2024-4403 was published Jun 10, 2024

Cross-Site Request Forgery vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the...
Moderate | Unreviewed | CVE-2024-5786 was published Jun 10, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in the clear_personality_files_list...
Moderate | Unreviewed | CVE-2024-4328 was published Jun 10, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Plechev Andrey WP-Recall. This issue affects WP...
Moderate | Unreviewed | CVE-2024-35657 was published Jun 8, 2024

Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress. This issue affects...
Moderate | Unreviewed | CVE-2024-35684 was published Jun 8, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Analytify. This issue affects Analytify: from n...
Moderate | Unreviewed | CVE-2024-35689 was published Jun 8, 2024

Zend-Diactoros URL Rewrite vulnerability
Moderate | GHSA-fq4p-86hh-42v9 was published for zendframework/zend-diactoros (Composer) Jun 7, 2024

Zendframework URL Rewrite vulnerability
Moderate | GHSA-fh7r-58q4-6387 was published for zendframework/zendframework (Composer) Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API.