GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,779

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,058 advisories

Filter by severity

Sort by

Least recently updated

Hano allows bypass of CSRF Middleware by a request without Content-Type header. Moderate

CVE-2024-48913 was published for hono (npm) Oct 15, 2024

Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site... Moderate Unreviewed

CVE-2024-48278 was published Oct 15, 2024

In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2024-45737 was published Oct 14, 2024

Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi... Unknown Unreviewed

CVE-2024-46911 was published Oct 14, 2024

The ImagePress – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2024-9778 was published Oct 12, 2024

The Easy PayPal Gift Certificate plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2024-9592 was published Oct 12, 2024

The Newsletter, SMTP, Email marketing and Subscribe forms by Brevo (formely Sendinblue) plugin... Moderate Unreviewed

CVE-2024-8477 was published Oct 10, 2024

3DSecure 2.0 allows CSRF in the Authorization Method via modified Origin and Referer HTTP headers. High Unreviewed

CVE-2024-25286 was published Oct 9, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Nicejob NiceJob allows Stored XSS.This issue... High Unreviewed

CVE-2024-44028 was published Oct 6, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies... High Unreviewed

CVE-2024-47644 was published Oct 5, 2024

Cross-Site Request Forgery (CSRF) vulnerability in TinyPNG.This issue affects TinyPNG: from n/a... Moderate Unreviewed

CVE-2024-47635 was published Oct 5, 2024

Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo... Moderate Unreviewed

CVE-2024-47846 was published Oct 5, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site... High Unreviewed

CVE-2024-43684 was published Oct 4, 2024

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction &... Moderate Unreviewed

CVE-2024-8520 was published Oct 4, 2024

The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain... High Unreviewed

CVE-2024-41987 was published Oct 3, 2024

A security vulnerability in HPE IceWall Agent products could be exploited remotely to cause a... Moderate Unreviewed

CVE-2024-42504 was published Oct 3, 2024

Cross site request forgery in Kiteworks OwnCloud allows an unauthenticated attacker to forge... Moderate Unreviewed

CVE-2023-7273 was published Oct 1, 2024

Certain switch models from PLANET Technology have a web application that is vulnerable to Cross... High Unreviewed

CVE-2024-8458 was published Sep 30, 2024

Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an... High Unreviewed

CVE-2024-28948 was published Sep 27, 2024

A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue... Moderate Unreviewed

CVE-2024-9281 was published Sep 27, 2024

A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected... Moderate Unreviewed

CVE-2024-9282 was published Sep 27, 2024

Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF)... Moderate Unreviewed

CVE-2024-45987 was published Sep 26, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management... Moderate Unreviewed

CVE-2024-45983 was published Sep 26, 2024

MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability.... Moderate Unreviewed

CVE-2024-45372 was published Sep 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in GiveWP.This issue affects GiveWP: from n/a... Moderate Unreviewed

CVE-2024-47315 was published Sep 25, 2024

Previous 1 2 3 4 5 … 242 243 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,058 advisories