Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,000
Erlang
29
GitHub Actions
16
Go
1,787
Maven
5,000+
npm
3,547
NuGet
622
pip
3,143
Pub
10
RubyGems
839
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,518 advisories

Loading
Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operations High
CVE-2024-2196 was published for aim (pip) Apr 10, 2024
A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus... High Unreviewed
CVE-2024-20281 was published Apr 3, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected... High Unreviewed
CVE-2024-31105 was published Apr 2, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share... High Unreviewed
CVE-2024-31109 was published Apr 2, 2024
I have activated the CORS because I had a development ui that uses another port number then I... High Unreviewed
CVE-2024-1522 was published Mar 30, 2024
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing High
CVE-2024-28233 was published for jupyterhub (pip) Mar 28, 2024
Th0h0
Cross-Site Request Forgery (CSRF) vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint... High Unreviewed
CVE-2024-29773 was published Mar 27, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects... High Unreviewed
CVE-2023-39311 was published Mar 27, 2024
Cross-Site Request Forgery in Anchor CMS High
CVE-2024-29338 was published for anchorcms/anchor-cms (Composer) Mar 22, 2024
Cross-Site Request Forgery in Anchor CMS High
CVE-2024-29499 was published for anchorcms/anchor-cms (Composer) Mar 22, 2024
A cross-site request forgery vulnerability has been identified in LoadMaster.  It is possible for... High Unreviewed
CVE-2024-2449 was published Mar 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare... High Unreviewed
CVE-2024-27968 was published Mar 21, 2024
ESPHome vulnerable to Authentication bypass via Cross site request forgery High
CVE-2024-29019 was published for esphome (pip) Mar 21, 2024
r3kumar
Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows... High Unreviewed
CVE-2024-27194 was published Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Watermark RELOADED allows Stored... High Unreviewed
CVE-2024-27195 was published Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds.This issue affects... High Unreviewed
CVE-2023-51474 was published Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.This issue... High Unreviewed
CVE-2024-27197 was published Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows... High Unreviewed
CVE-2024-21752 was published Feb 29, 2024
Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R.... High Unreviewed
CVE-2024-1889 was published Feb 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro... High Unreviewed
CVE-2024-24843 was published Feb 21, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... High Unreviewed
CVE-2024-25419 was published Feb 11, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... High Unreviewed
CVE-2024-25417 was published Feb 11, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... High Unreviewed
CVE-2024-25418 was published Feb 11, 2024
Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows... High Unreviewed
CVE-2023-47020 was published Feb 8, 2024
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video... High Unreviewed
CVE-2024-20255 was published Feb 7, 2024
ProTip! Advisories are also available from the GraphQL API