Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

5,692 advisories

Loading
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could... Moderate Unreviewed
CVE-2024-31902 was published Jun 30, 2024
Cross-Site Request Forgery (CSRF) in stitionai/devika High Unreviewed
CVE-2024-5712 was published Jun 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows... Moderate Unreviewed
CVE-2024-5935 was published Jun 27, 2024
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF)... Moderate Unreviewed
CVE-2021-45785 was published Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function... Moderate Unreviewed
CVE-2024-4839 was published Jun 24, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms... High Unreviewed
CVE-2024-4499 was published Jun 24, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects... Moderate Unreviewed
CVE-2024-35772 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery... Moderate Unreviewed
CVE-2024-35770 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects... Moderate Unreviewed
CVE-2024-35771 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue... Moderate Unreviewed
CVE-2024-37198 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue... Moderate Unreviewed
CVE-2024-37118 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Ali2Woo Lite.This issue affects... High Unreviewed
CVE-2024-37212 was published Jun 21, 2024
Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects... Moderate Unreviewed
CVE-2024-37227 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Book Landing Page.This issue... Moderate Unreviewed
CVE-2024-37230 was published Jun 21, 2024
The Widget Bundle WordPress plugin through 2.0.0 does not have CSRF checks when logging Widgets,... Moderate Unreviewed
CVE-2024-4969 was published Jun 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in GamiPress.This issue affects GamiPress: from n... Moderate Unreviewed
CVE-2023-25697 was published Jun 19, 2024
The Paradox IP150 Internet Module in version 1.40.00 is vulnerable to Cross-Site Request Forgery ... Moderate Unreviewed
CVE-2024-5676 was published Jun 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Averta Master Slider.This issue affects Master... Moderate Unreviewed
CVE-2023-50900 was published Jun 19, 2024
Moodle CSRF risks due to misuse of confirm_sesskey Moderate
CVE-2024-38276 was published for moodle/moodle (Composer) Jun 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Lim Kai Yang Grab & Save.This issue affects... Moderate Unreviewed
CVE-2023-47845 was published Jun 12, 2024
A Cross-site request forgery (CSRF) flaw was found in Keycloak and occurs due to the lack of a... Low Unreviewed
CVE-2024-5203 was published Jun 12, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2024-35207 was published Jun 11, 2024
Emlog pro2.3 is vulnerable to Cross Site Request Forgery (CSRF) via twitter.php which can be used... Moderate Unreviewed
CVE-2024-31612 was published Jun 10, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the restart_program function of the... Moderate Unreviewed
CVE-2024-4403 was published Jun 10, 2024
Cross-Site Request Forgery vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the... Moderate Unreviewed
CVE-2024-5786 was published Jun 10, 2024
ProTip! Advisories are also available from the GraphQL API