Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,985
Erlang
29
GitHub Actions
16
Go
1,771
Maven
4,995
npm
3,541
NuGet
617
pip
3,120
Pub
10
RubyGems
838
Rust
788
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,509 advisories

Loading
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some... High Unreviewed
CVE-2024-6075 was published Jul 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site... High Unreviewed
CVE-2024-37213 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ... High Unreviewed
CVE-2024-37940 was published Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows... High Unreviewed
CVE-2024-35773 was published Jul 12, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF... High Unreviewed
CVE-2024-1845 was published Jul 11, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40329 was published Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-40331 was published Jul 10, 2024
Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)... High Unreviewed
CVE-2024-28828 was published Jul 10, 2024
Insecure handling of GET header parameter file included in requests being sent to an instance of... High Unreviewed
CVE-2024-3798 was published Jul 10, 2024
Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0... High Unreviewed
CVE-2024-27783 was published Jul 9, 2024
A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality... High Unreviewed
CVE-2023-47677 was published Jul 8, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via... High Unreviewed
CVE-2024-39023 was published Jul 5, 2024
The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... High Unreviewed
CVE-2024-5943 was published Jul 4, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5887 was published Jul 3, 2024
The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which... High Unreviewed
CVE-2024-2376 was published Jul 3, 2024
The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is... High Unreviewed
CVE-2024-5767 was published Jul 2, 2024
Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence... High Unreviewed
CVE-2024-23736 was published Jul 2, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5712 was published Jun 29, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... High Unreviewed
CVE-2024-39154 was published Jun 27, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms... High Unreviewed
CVE-2024-4499 was published Jun 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite.This issue affects... High Unreviewed
CVE-2024-37212 was published Jun 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-35207 was published Jun 11, 2024
Zend-Navigation vulnerable to Cross-site Scripting High
GHSA-6v7p-5qcq-268c was published for zendframework/zend-navigation (Composer) Jun 7, 2024
Zend-Feed URL Rewrite vulnerability High
GHSA-jmmp-vh96-78rm was published for zendframework/zend-feed (Composer) Jun 7, 2024
Zend-HTTP URL Rewrite vulnerability High
GHSA-cg8w-5jrc-675g was published for zendframework/zend-http (Composer) Jun 7, 2024
ProTip! Advisories are also available from the GraphQL API