GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,996
Erlang: 29
GitHub Actions: 16
Go: 1,782
Maven: 5,000+
npm: 3,545
NuGet: 620
pip: 3,136
Pub: 10
RubyGems: 838
Rust: 795
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
3,149 advisories
A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as...
Moderate | Unreviewed | CVE-2024-7226 was published Jul 30, 2024

The Similarity WordPress plugin through 3.0 does not have CSRF check in place when resetting its...
Moderate | Unreviewed | CVE-2024-3971 was published Jun 14, 2024

The Similarity WordPress plugin through 3.0 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-3972 was published Jun 14, 2024

A vulnerability classified as problematic has been found in SourceCodester School Fees Payment...
Moderate | Unreviewed | CVE-2024-7169 was published Jul 28, 2024

A vulnerability classified as problematic was found in SeaCMS 13.0. Affected by this...
Moderate | Unreviewed | CVE-2024-7161 was published Jul 28, 2024

A vulnerability classified as problematic was found in Spina CMS 2.18.0. Affected by this...
Moderate | Unreviewed | CVE-2024-7106 was published Jul 25, 2024

The Community Events WordPress plugin before 1.5 does not have CSRF check in place when deleting...
Moderate | Unreviewed | CVE-2024-6271 was published Jul 22, 2024

A vulnerability was found in Spina CMS up to 2.18.0. It has been classified as problematic....
Moderate | Unreviewed | CVE-2024-7065 was published Jul 24, 2024

The LiteSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate | Unreviewed | CVE-2024-3246 was published Jul 24, 2024

The Social Auto Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2024-6751 was published Jul 24, 2024

The Conditional Fields for Contact Form 7 plugin for WordPress is vulnerable to Cross-Site...
Moderate | Unreviewed | CVE-2024-5804 was published Jul 20, 2024

ProcessWire Cross Site Request Forgery vulnerability
Moderate | CVE-2024-41597 was published for processwire/processwire (Composer) Jul 19, 2024

The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2024-5003 was published Jun 7, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check in place when updating...
Moderate | Unreviewed | CVE-2024-4474 was published Jun 21, 2024

The WP Logs Book WordPress plugin through 1.0.1 does not have CSRF check when clearing logs,...
Moderate | Unreviewed | CVE-2024-4475 was published Jun 21, 2024

The CB (legacy) WordPress plugin through 0.9.4.18 does not have CSRF checks in some bulk actions,...
Moderate | Unreviewed | CVE-2024-4382 was published Jun 21, 2024

A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations...
Moderate | Unreviewed | CVE-2024-5815 was published Jul 17, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO...
Moderate | Unreviewed | CVE-2024-37941 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral. This issue affects...
Moderate | Unreviewed | CVE-2024-37938 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite. This issue affects...
Moderate | Unreviewed | CVE-2024-37939 was published Jul 12, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40328 was published Jul 10, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/info_deal...
Moderate | Unreviewed | CVE-2024-39119 was published Jul 2, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40038 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate | Unreviewed | CVE-2024-40035 was published Jul 9, 2024

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1...
Moderate | Unreviewed | CVE-2024-6649 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API.