GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,000
Erlang
29
GitHub Actions
16
Go
1,787
Maven
5,000+
npm
3,547
NuGet
622
pip
3,143
Pub
10
RubyGems
839
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,518 advisories
Filter by severity
Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operations
High
CVE-2024-2196
was published
for
aim
(pip)
Apr 10, 2024
A vulnerability in the web-based management interface of Cisco Nexus Dashboard and Cisco Nexus...
High
Unreviewed
CVE-2024-20281
was published
Apr 3, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected...
High
Unreviewed
CVE-2024-31105
was published
Apr 2, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share...
High
Unreviewed
CVE-2024-31109
was published
Apr 2, 2024
I have activated the CORS because I had a development ui that uses another port number then I...
High
Unreviewed
CVE-2024-1522
was published
Mar 30, 2024
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing
High
CVE-2024-28233
was published
for
jupyterhub
(pip)
Mar 28, 2024
Cross-Site Request Forgery (CSRF) vulnerability in BizSwoop a CPF Concepts, LLC Brand BizPrint...
High
Unreviewed
CVE-2024-29773
was published
Mar 27, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Fusion Builder.This issue affects...
High
Unreviewed
CVE-2023-39311
was published
Mar 27, 2024
Cross-Site Request Forgery in Anchor CMS
High
CVE-2024-29338
was published
for
anchorcms/anchor-cms
(Composer)
Mar 22, 2024
Cross-Site Request Forgery in Anchor CMS
High
CVE-2024-29499
was published
for
anchorcms/anchor-cms
(Composer)
Mar 22, 2024
A cross-site request forgery vulnerability has been identified in LoadMaster. It is possible for...
High
Unreviewed
CVE-2024-2449
was published
Mar 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare...
High
Unreviewed
CVE-2024-27968
was published
Mar 21, 2024
ESPHome vulnerable to Authentication bypass via Cross site request forgery
High
CVE-2024-29019
was published
for
esphome
(pip)
Mar 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows...
High
Unreviewed
CVE-2024-27194
was published
Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Watermark RELOADED allows Stored...
High
Unreviewed
CVE-2024-27195
was published
Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds.This issue affects...
High
Unreviewed
CVE-2023-51474
was published
Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.This issue...
High
Unreviewed
CVE-2024-27197
was published
Mar 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows...
High
Unreviewed
CVE-2024-21752
was published
Feb 29, 2024
Cross-Site Request Forgery vulnerability in SMA Cluster Controller, affecting version 01.05.01.R....
High
Unreviewed
CVE-2024-1889
was published
Feb 26, 2024
Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro...
High
Unreviewed
CVE-2024-24843
was published
Feb 21, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High
Unreviewed
CVE-2024-25419
was published
Feb 11, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High
Unreviewed
CVE-2024-25417
was published
Feb 11, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High
Unreviewed
CVE-2024-25418
was published
Feb 11, 2024
Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows...
High
Unreviewed
CVE-2023-47020
was published
Feb 8, 2024
A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video...
High
Unreviewed
CVE-2024-20255
was published
Feb 7, 2024
ProTip!
Advisories are also available from the
GraphQL API