GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,016 advisories
Filter by severity
Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to...
Moderate
Unreviewed
CVE-2024-11014
was published
Nov 29, 2024
The dynamic-widgets plugin before 1.5.11 for WordPress has CSRF with resultant XSS via the wp...
Moderate
Unreviewed
CVE-2015-9437
was published
May 24, 2022
The WordPress Contact Forms by Cimatti plugin for WordPress is vulnerable to Cross-Site Request...
Moderate
Unreviewed
CVE-2024-10521
was published
Nov 27, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Best House...
Moderate
Unreviewed
CVE-2024-11743
was published
Nov 26, 2024
Appspace 6.2.4 is affected by Incorrect Access Control via the Appspace Web Portal password reset...
Moderate
Unreviewed
CVE-2021-27704
was published
Nov 13, 2024
The Skt NURCaptcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-11342
was published
Nov 26, 2024
A vulnerability, which was classified as problematic, has been found in 1000 Projects Bookstore...
Moderate
Unreviewed
CVE-2024-11673
was published
Nov 26, 2024
Cross Site Request Forgery vulnerability in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink...
Moderate
Unreviewed
CVE-2024-28731
was published
Nov 13, 2024
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2024-9665
was published
Nov 22, 2024
Broken Access Control vulnerability in Nickolas Bossinas WordPress File Upload allows Exploiting...
Moderate
Unreviewed
CVE-2024-39639
was published
Nov 1, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Veribo, Roland Murg WP Simple Booking Calendar...
Moderate
Unreviewed
CVE-2023-51525
was published
Mar 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Advanced Order Export For WooCommerce plugin <...
Moderate
Unreviewed
CVE-2022-40128
was published
Nov 9, 2022
Cross-Site Request Forgery (CSRF) vulnerability in Vivwebs Dynamic Widgets.This issue affects...
Moderate
Unreviewed
CVE-2024-51669
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in W3speedster W3SPEEDSTER.This issue affects...
Moderate
Unreviewed
CVE-2024-52392
was published
Nov 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices...
Moderate
Unreviewed
CVE-2024-52420
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ARMember, Repute...
Moderate
Unreviewed
CVE-2022-47424
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Automattic, Inc. Crowdsignal Dashboard – Polls...
Moderate
Unreviewed
CVE-2024-43338
was published
Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User...
Moderate
Unreviewed
CVE-2024-51686
was published
Nov 19, 2024
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ...
Moderate
Unreviewed
CVE-2024-51156
was published
Nov 15, 2024
SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi...
Moderate
Unreviewed
CVE-2021-27701
was published
Nov 13, 2024
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
Moderate
Unreviewed
CVE-2024-51157
was published
Nov 8, 2024
The 404 Error Monitor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-11118
was published
Nov 16, 2024
The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is...
Moderate
Unreviewed
CVE-2024-6628
was published
Nov 16, 2024
VaeMendis - CWE-352: Cross-Site Request Forgery (CSRF)
Moderate
Unreviewed
CVE-2024-47914
was published
Nov 14, 2024
The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More...
Moderate
Unreviewed
CVE-2024-10593
was published
Nov 13, 2024
ProTip!
Advisories are also available from the
GraphQL API