Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,998
Maven
5,000+
npm
3,710
NuGet
661
pip
3,364
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,190 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in WPMobile.App allows Stored XSS.This issue... Moderate Unreviewed
CVE-2024-43933 was published Oct 31, 2024
Cross-Site Request Forgery (CSRF) vulnerability in eyecix JobSearch allows Cross Site Request... Moderate Unreviewed
CVE-2024-43930 was published Oct 31, 2024
The WPGlobus Translate Options plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed
CVE-2024-9434 was published Oct 31, 2024
Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit album... High Unreviewed
CVE-2024-48311 was published Oct 31, 2024
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified... Moderate Unreviewed
CVE-2024-10557 was published Oct 31, 2024
A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of... High Unreviewed
CVE-2024-24777 was published Oct 30, 2024
The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... High Unreviewed
CVE-2024-9990 was published Oct 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode... Moderate Unreviewed
CVE-2024-50466 was published Oct 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the... Moderate Unreviewed
CVE-2024-6673 was published Oct 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn... High Unreviewed
CVE-2024-49672 was published Oct 29, 2024
Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery Moderate
CVE-2024-46872 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin... Moderate Unreviewed
CVE-2024-48291 was published Oct 28, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed
CVE-2024-48191 was published Oct 28, 2024
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank... Moderate Unreviewed
CVE-2024-10448 was published Oct 28, 2024
Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse Moderate
CVE-2023-26248 was published for github.com/libp2p/go-libp2p-kad-dht (Go) Oct 25, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... Critical Unreviewed
CVE-2022-30357 was published Oct 25, 2024
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-9598 was published Oct 25, 2024
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF) High
CVE-2024-47879 was published for org.openrefine:main (Maven) Oct 24, 2024
wetneb
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed
CVE-2024-9943 was published Oct 24, 2024
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-10045 was published Oct 23, 2024
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through... Critical Unreviewed
CVE-2024-8980 was published Oct 22, 2024
Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3... High Unreviewed
CVE-2024-26271 was published Oct 22, 2024
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3... High Unreviewed
CVE-2024-26272 was published Oct 22, 2024
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4... High Unreviewed
CVE-2024-26273 was published Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-9588 was published Oct 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database