GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,557 advisories
Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazhooh ShayanWeb Admin...
High | Unreviewed | CVE-2025-48114 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross...
Moderate | Unreviewed | CVE-2025-48115 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal allows Privilege Escalation...
High | Unreviewed | CVE-2025-32310 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel WordPress Form...
Moderate | Unreviewed | CVE-2025-31915 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate Tours Builder allows Cross...
Moderate | Unreviewed | CVE-2025-31921 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in QuanticaLabs CSS3 Accordions for WordPress...
High | Unreviewed | CVE-2025-31922 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Stars allows Cross Site Request...
Moderate | Unreviewed | CVE-2025-31068 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in themeton Spare allows Cross Site Request...
Moderate | Unreviewed | CVE-2025-31639 was published on May 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Tobias WP2LEADS allows Stored XSS. This issue...
High | Unreviewed | CVE-2025-32922 was published on May 15, 2025

The Alphabetical List WordPress plugin through 1.0.3 does not have CSRF check in place when...
Moderate | Unreviewed | CVE-2024-8157 was published on May 15, 2025

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery ...
Moderate | Unreviewed | CVE-2025-44185 was published on May 15, 2025

Jenkins Cadence vManager Plugin Vulnerable to Cross-Site Request Forgery
Moderate | CVE-2025-47886 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) on May 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows...
High | Unreviewed | CVE-2025-47708 was published on May 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Restrict route by IP allows Cross Site...
High | Unreviewed | CVE-2025-47701 was published on May 14, 2025

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery ...
Moderate | Unreviewed | CVE-2025-44186 was published on May 14, 2025

nosurf vulnerable to CSRF due to non-functional same-origin request checks
Moderate | CVE-2025-46721 was published for github.com/justinas/nosurf (Go) on May 14, 2025

Bootstrap Multiselect Vulnerable to CSRF and Reflective XSS via Arbitrary POST Data
Moderate | CVE-2025-47204 was published for bootstrap-multiselect (npm) on May 13, 2025

The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS...
Moderate | Unreviewed | CVE-2025-31205 was published on May 13, 2025

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS...
High | Unreviewed | CVE-2025-24223 was published on May 13, 2025

An authenticated user's token could be used by another source after the user had logged out prior...
Moderate | Unreviewed | CVE-2025-46743 was published on May 12, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross...
Moderate | Unreviewed | CVE-2025-4375 was published on May 9, 2025

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an...
Moderate | Unreviewed | CVE-2025-20195 was published on May 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout allows Stored XSS...
High | Unreviewed | CVE-2025-47685 was published on May 7, 2025

Cross-Site Request Forgery (CSRF) vulnerability in themarketer2023 theMarketer allows Stored XSS....
High | Unreviewed | CVE-2025-47655 was published on May 7, 2025

ProTip! Advisories are also available from the GraphQL API