GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,043 advisories
Filter by severity
A Cross-Site Request Forgery (CSRF) vulnerability exists in mudler/LocalAI versions up to and...
Moderate
Unreviewed
CVE-2024-5616
was published
Jul 6, 2024
The Nested Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
High
Unreviewed
CVE-2024-5943
was published
Jul 4, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika
High
Unreviewed
CVE-2024-5887
was published
Jul 3, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-39153
was published
Jun 27, 2024
The WPQA Builder WordPress plugin before 6.1.1 does not have CSRF checks in some places, which...
High
Unreviewed
CVE-2024-2376
was published
Jul 3, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could...
Moderate
Unreviewed
CVE-2024-2235
was published
Jul 3, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could...
Moderate
Unreviewed
CVE-2024-2233
was published
Jul 3, 2024
The Snippet Shortcodes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-4543
was published
Jul 3, 2024
The Himer WordPress theme before 2.1.1 does not have CSRF checks in some places, which could...
Moderate
Unreviewed
CVE-2024-2040
was published
Jul 3, 2024
The sitetweet WordPress plugin through 0.2 does not have CSRF check in some places, and is...
High
Unreviewed
CVE-2024-5767
was published
Jul 2, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39157
was published
Jun 27, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Low
Unreviewed
CVE-2024-39156
was published
Jun 27, 2024
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in OpenKM Community Edition on...
Moderate
Unreviewed
CVE-2024-35475
was published
May 22, 2024
Syslifters SysReptor before 2024.40 has a CSRF vulnerability for WebSocket connections.
High
Unreviewed
CVE-2024-36076
was published
May 19, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Unknown
Unreviewed
CVE-2024-35560
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High
Unreviewed
CVE-2024-35559
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-35557
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Unknown
Unreviewed
CVE-2024-35554
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Unknown
Unreviewed
CVE-2024-35551
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-35555
was published
May 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
High
Unreviewed
CVE-2024-35108
was published
May 15, 2024
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal...
Unknown
Unreviewed
CVE-2024-35039
was published
May 16, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
Moderate
Unreviewed
CVE-2024-34958
was published
May 16, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-35109
was published
May 15, 2024
The WP Prayer WordPress plugin through 2.0.9 does not have CSRF checks in some places, which...
Moderate
Unreviewed
CVE-2024-3407
was published
May 15, 2024
ProTip!
Advisories are also available from the
GraphQL API