GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,328 advisories
Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte Wall Post allows Stored XSS...
High, Unreviewed. CVE-2024-49313 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Shibu Lijack a.K.A CyberJack CJ Change Howdy...
High, Unreviewed. CVE-2024-49223 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Cookie Scanner – Nikel Schubert Cookie Scanner...
High, Unreviewed. CVE-2024-49220 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Julian Weinert // cs&m cSlider allows Stored...
High, Unreviewed. CVE-2024-49221 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Arif Nezami Better Author Bio allows Cross...
High, Unreviewed. CVE-2024-49229 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Ahmet Imamoglu Ahmeti Wp Timeline allows...
High, Unreviewed. CVE-2024-49237 was published Oct 17, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site...
High, Unreviewed. CVE-2024-43684 was published Oct 4, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in WSIFY – Sales can fly Wsify Widget allows...
High, Unreviewed. CVE-2024-48048 was published Oct 17, 2024.

A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
High, Unreviewed. CVE-2024-20421 was published Oct 16, 2024.

The File Manager Pro plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High, Unreviewed. CVE-2024-8507 was published Oct 16, 2024.

Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF...
High, Unreviewed. CVE-2024-45693 was published Oct 16, 2024.

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion...
High, Unreviewed. CVE-2020-36836 was published Oct 16, 2024.

The WP Lead Plus X plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions...
High, Unreviewed. CVE-2020-36839 was published Oct 16, 2024.

The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to Cross-Site Request Forgery...
High, Unreviewed. CVE-2021-34620 was published May 24, 2022.

A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change...
High, Unreviewed. CVE-2024-41344 was published Oct 15, 2024.

3DSecure 2.0 allows CSRF in the Authorization Method via modified Origin and Referer HTTP headers.
High, Unreviewed. CVE-2024-25286 was published Oct 9, 2024.

The Popup Builder WordPress plugin before 4.2.6 does not validate a parameter before making a...
High, Unreviewed. CVE-2023-6294 was published Feb 12, 2024.

Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery...
High, Unreviewed. CVE-2023-47578 was published Dec 13, 2023.

Cross-Site Request Forgery (CSRF) vulnerability in Nicejob NiceJob allows Stored XSS. This issue...
High, Unreviewed. CVE-2024-44028 was published Oct 6, 2024.

Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies...
High, Unreviewed. CVE-2024-47644 was published Oct 5, 2024.

The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain...
High, Unreviewed. CVE-2024-41987 was published Oct 3, 2024.

Certain switch models from PLANET Technology have a web application that is vulnerable to Cross...
High, Unreviewed. CVE-2024-8458 was published Sep 30, 2024.

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded...
High, Unreviewed. CVE-2024-7863 was published Sep 13, 2024.

Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an...
High, Unreviewed. CVE-2024-28948 was published Sep 27, 2024.

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High, Unreviewed. CVE-2024-36670 was published Jun 5, 2024.

ProTip! Advisories are also available from the GraphQL API.