GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,509 advisories
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some...
High | Unreviewed | CVE-2024-6075 was published Jul 15, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site...
High | Unreviewed | CVE-2024-37213 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ...
High | Unreviewed | CVE-2024-37940 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows...
High | Unreviewed | CVE-2024-35773 was published Jul 12, 2024

The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High | Unreviewed | CVE-2024-1845 was published Jul 11, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40329 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40331 was published Jul 10, 2024

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High | Unreviewed | CVE-2024-28828 was published Jul 10, 2024

Insecure handling of GET header parameter file included in requests being sent to an instance of...
High | Unreviewed | CVE-2024-3798 was published Jul 10, 2024

Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0...
High | Unreviewed | CVE-2024-27783 was published Jul 9, 2024

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality...
High | Unreviewed | CVE-2023-47677 was published Jul 8, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
High | Unreviewed | CVE-2024-39023 was published Jul 5, 2024

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
High | Unreviewed | CVE-2024-5943 was published Jul 4, 2024

Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5887 was published Jul 3, 2024

The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which...
High | Unreviewed | CVE-2024-2376 was published Jul 3, 2024

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is...
High | Unreviewed | CVE-2024-5767 was published Jul 2, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence...
High | Unreviewed | CVE-2024-23736 was published Jul 2, 2024

Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5712 was published Jun 29, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-39154 was published Jun 27, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms...
High | Unreviewed | CVE-2024-4499 was published Jun 24, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite. This issue affects...
High | Unreviewed | CVE-2024-37212 was published Jun 21, 2024

A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High | Unreviewed | CVE-2024-35207 was published Jun 11, 2024

Zend-Navigation vulnerable to Cross-site Scripting
High | GHSA-6v7p-5qcq-268c was published for zendframework/zend-navigation (Composer) Jun 7, 2024

Zend-Feed URL Rewrite vulnerability
High | GHSA-jmmp-vh96-78rm was published for zendframework/zend-feed (Composer) Jun 7, 2024

Zend-HTTP URL Rewrite vulnerability
High | GHSA-cg8w-5jrc-675g was published for zendframework/zend-http (Composer) Jun 7, 2024