Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,691 advisories

Loading
Sylius Resource Bundle Cross-Site Request Forgery vulnerability Moderate
GHSA-65v7-wg35-2qpm was published for sylius/resource-bundle (Composer) May 29, 2024
silverstripe/graphql Cross-Site Request Forgery vulnerability High
GHSA-wjg9-v8cf-f5q2 was published for silverstripe/graphql (Composer) May 28, 2024
Silverstripe Missing CSRF protection in login form Moderate
GHSA-vj2j-6g3w-4662 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe CSRF vulnerability in GridFieldAddExistingAutocompleter Moderate
GHSA-2hpc-mf4q-j885 was published for silverstripe/framework (Composer) May 23, 2024
Silverstripe Forum Module CSRF Vulnerability Moderate
GHSA-w8fq-xgvh-cxc2 was published for silverstripe/forum (Composer) May 23, 2024
A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11... Moderate Unreviewed
CVE-2023-7045 was published May 23, 2024
sensiolabs/connect has a Cross-Site Request Forgery Vulnerability Moderate
GHSA-6wqp-7g94-f69j was published for sensiolabs/connect (Composer) May 21, 2024
Gradio applications running locally vulnerable to 3rd party websites accessing routes and uploading files Moderate
CVE-2024-1727 was published for gradio (pip) May 21, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Simple... Moderate Unreviewed
CVE-2024-5097 was published May 19, 2024
Cross-Site Request Forgery (CSRF) on Session Token vulnerability that could potentially lead to... Moderate Unreviewed
CVE-2024-23554 was published May 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7... Moderate Unreviewed
CVE-2024-34756 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes EmpowerWP.This issue affects... Moderate Unreviewed
CVE-2024-34809 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Clearfy Cache.This issue... Moderate Unreviewed
CVE-2024-34806 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in CodeBard Fast Custom Social Share by CodeBard... Moderate Unreviewed
CVE-2024-34807 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and... Moderate Unreviewed
CVE-2024-34755 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege... High Unreviewed
CVE-2024-27955 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows... High Unreviewed
CVE-2023-44478 was published May 17, 2024
A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding... Moderate Unreviewed
CVE-2024-4929 was published May 16, 2024
eZ Platform CSRF token in login form is disabled by default High
GHSA-45qm-j4m9-whv9 was published for ezsystems/ezplatform (Composer) May 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images.This... Moderate Unreviewed
CVE-2024-4689 was published May 14, 2024
An issue has been discovered in GitLab EE affecting all versions from 16.7 before 16.9.7, all... Moderate Unreviewed
CVE-2024-4597 was published May 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Kiboko Labs Arigato Autoresponder and... Moderate Unreviewed
CVE-2024-34823 was published May 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs, Razvan Mocanu, Madalin Ungureanu,... Moderate Unreviewed
CVE-2024-34827 was published May 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson.This issue affects Unyson:... Moderate Unreviewed
CVE-2024-34814 was published May 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This... Moderate Unreviewed
CVE-2024-34816 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API