GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,971
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,091
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
2,195 advisories
Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5887 was published Jul 3, 2024
The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which...
High | Unreviewed | CVE-2024-2376 was published Jul 3, 2024
The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is...
High | Unreviewed | CVE-2024-5767 was published Jul 2, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5712 was published Jun 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms...
High | Unreviewed | CVE-2024-4499 was published Jun 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite. This issue affects...
High | Unreviewed | CVE-2024-37212 was published Jun 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
High | Unreviewed | CVE-2024-35207 was published Jun 11, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the profile picture upload...
High | Unreviewed | CVE-2024-2288 was published Jun 6, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0...
High | Unreviewed | CVE-2024-1879 was published Jun 6, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2024-36669 was published Jun 5, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2024-36668 was published Jun 5, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-36667 was published Jun 5, 2024
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin...
High | Unreviewed | CVE-2024-36548 was published Jun 4, 2024
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin...
High | Unreviewed | CVE-2024-36550 was published Jun 4, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin...
High | Unreviewed | CVE-2024-36549 was published Jun 4, 2024
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2024-36547 was published Jun 4, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-35559 was published May 22, 2024
Syslifters SysReptor before 2024.40 has a CSRF vulnerability for WebSocket connections.
High | Unreviewed | CVE-2024-36076 was published May 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege...
High | Unreviewed | CVE-2024-27955 was published May 17, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WP Hive Events Rich Snippets for Google allows...
High | Unreviewed | CVE-2023-44478 was published May 17, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-35108 was published May 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WebinarPress. This issue affects WebinarPress:...
High | Unreviewed | CVE-2024-34818 was published May 14, 2024
Cross-Site Request Forgery vulnerability in Socomec Net Vision, version 7.20. This vulnerability...
High | Unreviewed | CVE-2024-4600 was published May 7, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Popup Box Team Popup box allows Cross-Site...
High | Unreviewed | CVE-2024-34367 was published May 6, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-33830 was published May 6, 2024
ProTip! Advisories are also available from the GraphQL API.