GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories (all reviewed: 5,000+)
Composer: 3,967
Erlang: 29
GitHub Actions: 16
Go: 1,748
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,075
Pub: 10
RubyGems: 832
Rust: 781
Swift: 34
Unreviewed advisories (all unreviewed: 5,000+)
2,187 advisories
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score...
High | Unreviewed | CVE-2024-22601 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.
High | Unreviewed | CVE-2024-22568 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin...
High | Unreviewed | CVE-2024-22593 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.
High | Unreviewed | CVE-2024-22591 was published Jan 18, 2024

FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update
High | Unreviewed | CVE-2024-22592 was published Jan 18, 2024

Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2024-22715 was published Jan 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS...
High | Unreviewed | CVE-2022-41990 was published Jan 17, 2024

The 3dprint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified...
High | Unreviewed | CVE-2022-3899 was published Jan 16, 2024

QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based...
High | Unreviewed | CVE-2023-51063 was published Jan 13, 2024

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2023-51949 was published Jan 12, 2024

An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative...
High | Unreviewed | CVE-2023-50931 was published Jan 9, 2024

An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an...
High | Unreviewed | CVE-2023-50932 was published Jan 9, 2024

An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user...
High | Unreviewed | CVE-2023-50930 was published Jan 9, 2024

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2023-52073 was published Jan 9, 2024

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2023-52074 was published Jan 9, 2024

FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2023-52072 was published Jan 9, 2024

The CommentTweets WordPress plugin through 0.6 does not have CSRF checks in some places, which...
High | Unreviewed | CVE-2023-6845 was published Jan 8, 2024

The WP Blogs' Planetarium WordPress plugin through 1.0 does not have CSRF check in place when...
High | Unreviewed | CVE-2023-6532 was published Jan 8, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ovation S.R.L. Dynamic Content for Elementor...
High | Unreviewed | CVE-2023-52150 was published Jan 5, 2024

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series...
High | Unreviewed | CVE-2023-5961 was published Dec 23, 2023

Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive Caddy – Smart Side Cart for...
High | Unreviewed | CVE-2023-49854 was published Dec 20, 2023

Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita Custom Post Type Page...
High | Unreviewed | CVE-2023-50372 was published Dec 20, 2023

Cross-Site Request Forgery (CSRF) vulnerability in BinaryCarpenter Menu Bar Cart Icon For...
High | Unreviewed | CVE-2023-49855 was published Dec 20, 2023

A successful CSRF attack could force the user to perform state changing requests on the...
High | Unreviewed | CVE-2023-6689 was published Dec 20, 2023

The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro...
High | Unreviewed | CVE-2023-5882 was published Dec 18, 2023

ProTip! Advisories are also available from the GraphQL API.