GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,187 advisories
The Export any WordPress data to XML/CSV WordPress plugin before 1.4.0, WP All Export Pro...
High | Unreviewed | CVE-2023-5886 was published Dec 18, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2023-50017 was published Dec 14, 2023
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x,...
High | Unreviewed | CVE-2022-27488 was published Dec 13, 2023
Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry...
High | Unreviewed | CVE-2023-45316 was published Dec 12, 2023
Cross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows...
High | Unreviewed | CVE-2023-24048 was published Dec 5, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha allows...
High | Unreviewed | CVE-2023-48278 was published Nov 30, 2023
Cross-Site Request Forgery (CSRF), Missing Authorization vulnerability in gVectors Team wpForo...
High | Unreviewed | CVE-2023-47870 was published Nov 30, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Plugins Complianz, Really Simple...
High | Unreviewed | CVE-2023-33333 was published Nov 30, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2023-48913 was published Nov 30, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2023-48912 was published Nov 30, 2023
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the...
High | Unreviewed | CVE-2023-48914 was published Nov 30, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force US LLC Schema Pro allows...
High | Unreviewed | CVE-2023-36682 was published Nov 30, 2023
Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon...
High | Unreviewed | CVE-2023-47790 was published Nov 23, 2023
Cross-Site Request Forgery (CSRF) vulnerability in LayerSlider plugin <= 7.7.9 versions.
High | Unreviewed | CVE-2023-47785 was published Nov 22, 2023
Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Theme Builder <= 3.24.2...
High | Unreviewed | CVE-2023-47781 was published Nov 22, 2023
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,...
High | Unreviewed | CVE-2023-2440 was published Nov 22, 2023
The UserPro plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,...
High | Unreviewed | CVE-2023-2497 was published Nov 22, 2023
OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection...
High | Unreviewed | CVE-2023-38885 was published Nov 20, 2023
The WooHoo Newspaper Magazine theme does not have CSRF check in place when updating its settings,...
High | Unreviewed | CVE-2023-4824 was published Nov 20, 2023
The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High | Unreviewed | CVE-2023-6196 was published Nov 20, 2023
Dreamer_cms 4.1.3 is vulnerable to Cross Site Request Forgery (CSRF) via Add permissions to CSRF...
High | Unreviewed | CVE-2023-48017 was published Nov 18, 2023
A Cross Site Request Forgery vulnerability in ePolicy Orchestrator prior to 5.10.0 CP1 Update 2...
High | Unreviewed | CVE-2023-5444 was published Nov 17, 2023
Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote...
High | Unreviewed | CVE-2023-38130 was published Nov 17, 2023
Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management...
High | Unreviewed | CVE-2023-43275 was published Nov 16, 2023
Cross-Site Request Forgery (CSRF) vulnerability in RedNao Donations Made Easy – Smart Donations...
High | Unreviewed | CVE-2023-47550 was published Nov 14, 2023
ProTip! Advisories are also available from the GraphQL API