Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

5,978 advisories

Loading
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-46086 was published Sep 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site... High Unreviewed
CVE-2024-44064 was published Sep 18, 2024
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-46362 was published Sep 17, 2024
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ... High Unreviewed
CVE-2024-46085 was published Sep 17, 2024
The PropertyHive plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... High Unreviewed
CVE-2024-8490 was published Sep 17, 2024
Lunary Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2024-6862 was published for lunary (npm) Sep 13, 2024
The Stream plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to... High Unreviewed
CVE-2024-7423 was published Sep 13, 2024
The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not have CSRF and path validation... Moderate Unreviewed
CVE-2024-7864 was published Sep 13, 2024
The Misiek Photo Album WordPress plugin through 1.4.3 does not have CSRF checks in some places,... Moderate Unreviewed
CVE-2024-7817 was published Sep 12, 2024
The ILC Thickbox WordPress plugin through 1.0 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2024-7820 was published Sep 12, 2024
The Visual Sound WordPress plugin through 1.03 does not have CSRF check in place when updating... Moderate Unreviewed
CVE-2024-7859 was published Sep 12, 2024
The blogintroduction-wordpress-plugin WordPress plugin through 0.3.0 does not have CSRF check in... Moderate Unreviewed
CVE-2024-7862 was published Sep 12, 2024
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting... Moderate Unreviewed
CVE-2024-3163 was published Sep 12, 2024
The Music Request Manager WordPress plugin through 1.3 does not have CSRF check in some places,... Moderate Unreviewed
CVE-2024-6017 was published Sep 12, 2024
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an... Critical Unreviewed
CVE-2024-44677 was published Sep 10, 2024
The Tutor LMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... Moderate Unreviewed
CVE-2023-2919 was published Sep 10, 2024
The AZIndex WordPress plugin through 0.8.1 does not have CSRF checks in some places, which could... Moderate Unreviewed
CVE-2024-7688 was published Sep 9, 2024
The TrueBooker WordPress plugin before 1.0.3 does not have CSRF check in place when updating its... Moderate Unreviewed
CVE-2024-6925 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-6856 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check in place when... Moderate Unreviewed
CVE-2024-6852 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating... Moderate Unreviewed
CVE-2024-6853 was published Sep 8, 2024
The WP MultiTasking WordPress plugin through 0.1.12 does not have CSRF check when updating exit... Moderate Unreviewed
CVE-2024-6855 was published Sep 8, 2024
An issue was discovered in za-internet C-MOR Video Surveillance 5.2401 and 6.00PL01. Due to... Moderate Unreviewed
CVE-2024-45172 was published Sep 4, 2024
A vulnerability has been found in SourceCodester Insurance Management System 1.0 and classified... Moderate Unreviewed
CVE-2024-8414 was published Sep 4, 2024
REDCap 14.7.0 allows HTML injection via the project title of a New Project action. This can lead... Moderate Unreviewed
CVE-2024-45527 was published Sep 2, 2024
ProTip! Advisories are also available from the GraphQL API