GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,372
Composer 4,669
Erlang 34
GitHub Actions 26
Go 2,261
Maven 5,512
npm 3,910
NuGet 704
pip 3,680
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,282

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,382 advisories

Filter by severity

Sort by

Least recently updated

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary... High Unreviewed

CVE-2022-23044 was published Nov 25, 2022

Moodle has a CSRF risk in Brickfield tool's analysis request action Low

CVE-2025-3638 was published for moodle/moodle (Composer) Apr 25, 2025

Moodle has a CSRF risk in user tours manager that allows tour duplication Low

CVE-2025-3635 was published for moodle/moodle (Composer) Apr 25, 2025

In Sherpa Orchestrator 141851, the web application lacks protection against CSRF attacks, with... Moderate Unreviewed

CVE-2025-46547 was published Apr 25, 2025

Cross-Site Request Forgery (CSRF) vulnerability in felixtz Modern Polls allows Stored XSS. This... High Unreviewed

CVE-2025-46466 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shamim Hasan Custom Functions Plugin allows... High Unreviewed

CVE-2025-46512 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in harrysudana Contact Form 7 Calendar allows... High Unreviewed

CVE-2025-46510 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Codebangers All in One Time Clock Lite allows... Moderate Unreviewed

CVE-2025-46513 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao Advanced lazy load allows Stored XSS... High Unreviewed

CVE-2025-46508 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Lora77 WpZon – Amazon Affiliate Plugin allows... High Unreviewed

CVE-2025-46506 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment... High Unreviewed

CVE-2025-46530 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar allows Stored XSS.... High Unreviewed

CVE-2025-46528 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in stesvis WP Filter Post Category allows Stored... High Unreviewed

CVE-2025-46524 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Sebastian Echeverry SCSS-Library allows Cross... Moderate Unreviewed

CVE-2025-46436 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Casey Johnson Loan Calculator allows Stored... High Unreviewed

CVE-2025-46442 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path... High Unreviewed

CVE-2025-46439 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in digontoahsan Wp Custom CMS Block allows Stored... High Unreviewed

CVE-2025-46457 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan allows Stored XSS. This... High Unreviewed

CVE-2025-46450 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Olav Kolbu Google News allows Stored XSS. This... High Unreviewed

CVE-2025-46452 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in John Weissberg Print Science Designer allows... High Unreviewed

CVE-2025-46465 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Trân Minh-Quân WPVN allows Cross Site Request... Moderate Unreviewed

CVE-2025-46462 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in nghialuu Zalo Official Live Chat allows Cross... Moderate Unreviewed

CVE-2025-46498 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Navegg Navegg Analytics allows Stored XSS.... High Unreviewed

CVE-2025-46497 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in tomontoast Drop Caps allows Stored XSS. This... Moderate Unreviewed

CVE-2025-46495 was published Apr 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Pham Thanh Call Now PHT Blog allows Stored XSS... High Unreviewed

CVE-2025-46492 was published Apr 24, 2025

Previous 1 2 3 4 5 … 295 296 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,382 advisories