GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,216 advisories

The The Moneytizer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High | Unreviewed | CVE-2023-6968 was published Jun 6, 2024

The PZ Frontend Manager WordPress plugin before 1.0.6 does not have CSRF checks in some places,...
High | Unreviewed | CVE-2024-6244 was published Jul 22, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40037 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40039 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40034 was published Jul 9, 2024

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some...
High | Unreviewed | CVE-2024-6075 was published Jul 15, 2024

NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900,...
High | Unreviewed | CVE-2016-6277 was published May 17, 2022

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40329 was published Jul 10, 2024

The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High | Unreviewed | CVE-2024-1845 was published Jul 11, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-40331 was published Jul 10, 2024

Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows...
High | Unreviewed | CVE-2024-35773 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ...
High | Unreviewed | CVE-2024-37940 was published Jul 12, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site...
High | Unreviewed | CVE-2024-37213 was published Jul 12, 2024

Cross Site Request Forgery (CSRF) vulnerability in savignano S/Notify before 4.0.2 for Confluence...
High | Unreviewed | CVE-2024-23736 was published Jul 2, 2024

Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High | Unreviewed | CVE-2024-28828 was published Jul 10, 2024

Insecure handling of GET header parameter file included in requests being sent to an instance of...
High | Unreviewed | CVE-2024-3798 was published Jul 10, 2024

Multiple cross-site request forgery (CSRF) vulnerabilities [CWE-352] in FortiAIOps version 2.0.0...
High | Unreviewed | CVE-2024-27783 was published Jul 9, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
High | Unreviewed | CVE-2024-39023 was published Jul 5, 2024

A cross-site request forgery (csrf) vulnerability exists in the boa CSRF protection functionality...
High | Unreviewed | CVE-2023-47677 was published Jul 8, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High | Unreviewed | CVE-2024-39154 was published Jun 27, 2024

The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
High | Unreviewed | CVE-2024-5943 was published Jul 4, 2024

Cross-Site Request Forgery (CSRF) in stitionai/devika
High | Unreviewed | CVE-2024-5887 was published Jul 3, 2024

The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which...
High | Unreviewed | CVE-2024-2376 was published Jul 3, 2024

The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is...
High | Unreviewed | CVE-2024-5767 was published Jul 2, 2024

ProTip! Advisories are also available from the GraphQL API