Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,250
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,250 advisories

Loading
Cross-Site Request Forgery in JupyterHub Moderate
CVE-2020-36191 was published for jupyterhub (pip) May 24, 2022
An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through... Moderate Unreviewed
CVE-2023-45374 was published Oct 9, 2023
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations... Moderate Unreviewed
CVE-2024-5815 was published Jul 17, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-39410 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-39409 was published for magento/community-edition (Composer) Aug 14, 2024
Magento Open Source Cross-Site Request Forgery vulnerability Moderate
CVE-2024-39408 was published for magento/community-edition (Composer) Aug 14, 2024
Lunary Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-6862 was published for lunary (npm) Sep 13, 2024
The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation... Moderate Unreviewed
CVE-2024-7864 was published Sep 13, 2024
The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places,... Moderate Unreviewed
CVE-2024-6017 was published Sep 12, 2024
archivy is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-4162 was published for archivy (pip) Jan 6, 2022
westonsteimel
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting... Moderate Unreviewed
CVE-2024-3163 was published Sep 12, 2024
The Visual Sound WordPress plugin through 1.03 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-7859 was published Sep 12, 2024
The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places,... Moderate Unreviewed
CVE-2024-7817 was published Sep 12, 2024
The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in... Moderate Unreviewed
CVE-2024-7862 was published Sep 12, 2024
The ILC Thickbox WordPress plugin through 1.0 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2024-7820 was published Sep 12, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-6856 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit... Moderate Unreviewed
CVE-2024-6855 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-6852 was published Sep 8, 2024
The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2024-6925 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating... Moderate Unreviewed
CVE-2024-6853 was published Sep 8, 2024
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed
CVE-2023-2919 was published Sep 10, 2024
A vulnerability, which was classified as problematic, was found in Tianjin PubliCMS 4.0.202302.e.... Moderate Unreviewed
CVE-2024-2911 was published Mar 27, 2024
The AZIndex WordPress plugin through 0.8.1 does not have CSRF checks in some places, which could... Moderate Unreviewed
CVE-2024-7688 was published Sep 9, 2024
The WP Plugin Lister WordPress plugin through 2.1.0 does not have CSRF check in some places, and... Moderate Unreviewed
CVE-2023-6503 was published Jan 29, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to... Moderate Unreviewed
CVE-2024-45172 was published Sep 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database