Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,954
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,671 advisories

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Restaurant and Cafe.This issue... Moderate Unreviewed
CVE-2024-34379 was published May 6, 2024
Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain High
CVE-2024-34069 was published for Werkzeug (pip) May 6, 2024
Ry0taK
Firebase vulnerable to CRSF attack Low
CVE-2024-4128 was published for firebase-tools (npm) May 2, 2024
Cross-Site Request Forgery (CSRF) vulnerability leading to Arbitrary File Upload in Xserver... Critical Unreviewed
CVE-2024-33913 was published May 2, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Piotnet Piotnet Addons For Elementor Pro.This... Moderate Unreviewed
CVE-2024-33632 was published Apr 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sandor Kovacs Regenerate post permalink allows... High Unreviewed
CVE-2024-33681 was published Apr 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross... High Unreviewed
CVE-2024-33646 was published Apr 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro... Moderate Unreviewed
CVE-2024-33688 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli, Tony Hayes Radio Station.This... Moderate Unreviewed
CVE-2024-33689 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio.This issue affects Financio... Moderate Unreviewed
CVE-2024-33690 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in OptinMonster Popup Builder Team OptinMonster... Moderate Unreviewed
CVE-2024-33691 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance.This... Moderate Unreviewed
CVE-2024-33682 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in MainWP MainWP Child Reports.This issue affects... Moderate Unreviewed
CVE-2024-33680 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Republic Hide Dashboard Notifications.This... Moderate Unreviewed
CVE-2024-33683 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Renzo Johnson Contact Form 7 Extension For... Moderate Unreviewed
CVE-2024-33677 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ClickCease ClickCease Click Fraud Protection... Moderate Unreviewed
CVE-2024-33678 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in FameThemes FameTheme Demo Importer.This issue... Moderate Unreviewed
CVE-2024-33679 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Brijesh Kothari Smart Maintenance Mode.This... Moderate Unreviewed
CVE-2024-33638 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cryout Creations Serious Slider.This issue... Moderate Unreviewed
CVE-2024-33650 was published Apr 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Matthew Fries MF Gig Calendar.This issue... Moderate Unreviewed
CVE-2024-33651 was published Apr 26, 2024
A vulnerability classified as problematic was found in idcCMS 1.35. Affected by this... Moderate Unreviewed
CVE-2024-4172 was published Apr 25, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 大侠WP DX-Watermark.This issue affects DX... Critical Unreviewed
CVE-2024-30560 was published Apr 25, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit.This issue... Moderate Unreviewed
CVE-2024-32773 was published Apr 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Paid Memberships Pro.This issue affects Paid... Moderate Unreviewed
CVE-2024-32794 was published Apr 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Revmakx WPCal.Io – Easy Meeting Scheduler.This... Moderate Unreviewed
CVE-2024-32795 was published Apr 24, 2024
ProTip! Advisories are also available from the GraphQL API