GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,481 advisories
The WordPress Users WordPress plugin through 1.4 does not have CSRF check in place when updating...
High | Unreviewed | CVE-2023-6390 was published Jan 29, 2024

The Autotitle for WordPress plugin through 1.0.3 does not have CSRF check in place when updating...
High | Unreviewed | CVE-2023-6946 was published Jan 29, 2024

The Custom User CSS WordPress plugin through 0.2 does not have CSRF check in place when updating...
High | Unreviewed | CVE-2023-6391 was published Jan 29, 2024

Cross Site Request Forgery vulnerability in NCR Terminal Handler v.1.5.1 allows a remote attacker...
High | Unreviewed | CVE-2023-47024 was published Jan 20, 2024

github.com/argoproj/argo-cd Cross-Site Request Forgery vulnerability
High | CVE-2024-22424 was published for github.com/argoproj/argo-cd (Go) Jan 19, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email...
High | Unreviewed | CVE-2024-22817 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin...
High | Unreviewed | CVE-2024-22699 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email...
High | Unreviewed | CVE-2024-22819 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score...
High | Unreviewed | CVE-2024-22601 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link
High | Unreviewed | CVE-2024-22603 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/site...
High | Unreviewed | CVE-2024-22818 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.
High | Unreviewed | CVE-2024-22568 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
High | Unreviewed | CVE-2024-22592 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin...
High | Unreviewed | CVE-2024-22593 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.
High | Unreviewed | CVE-2024-22591 was published Jan 18, 2024

Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2024-22715 was published Jan 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS...
High | Unreviewed | CVE-2022-41990 was published Jan 17, 2024

The 3dprint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified...
High | Unreviewed | CVE-2022-3899 was published Jan 16, 2024

QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based...
High | Unreviewed | CVE-2023-51063 was published Jan 13, 2024

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2023-51949 was published Jan 12, 2024

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an...
High | Unreviewed | CVE-2023-50932 was published Jan 9, 2024

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative...
High | Unreviewed | CVE-2023-50931 was published Jan 9, 2024

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user...
High | Unreviewed | CVE-2023-50930 was published Jan 9, 2024

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2023-52074 was published Jan 9, 2024

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2023-52072 was published Jan 9, 2024

ProTip! Advisories are also available from the GraphQL API.