Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

6,193 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Responsive Flickr Gallery allows... High Unreviewed
CVE-2024-51630 was published Nov 9, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the... Critical Unreviewed
CVE-2024-50966 was published Nov 8, 2024
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't... High Unreviewed
CVE-2019-20460 was published Nov 7, 2024
An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. There is no CSRF protection. High Unreviewed
CVE-2020-11919 was published Nov 7, 2024
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
Hono allows bypass of CSRF Middleware by a request without Content-Type header. Moderate
CVE-2024-48913 was published for hono (npm) Oct 15, 2024
KageShiron MathurAditya724
The Featured Posts Scroll plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-10922 was published Nov 7, 2024
The Post From Frontend WordPress plugin through 1.0.0 does not have CSRF check when deleting... Moderate Unreviewed
CVE-2024-9689 was published Nov 5, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E... Moderate Unreviewed
CVE-2024-21043 was published Apr 17, 2024
LocalAI Cross-site Scripting vulnerability Low
CVE-2024-48057 was published for github.com/mudler/LocalAI (Go) Nov 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 allows an attacker to reset the... High Unreviewed
CVE-2024-51382 was published Nov 5, 2024
Cross-Site Request Forgery (CSRF) vulnerability in JATOS v3.9.3 that allows attackers to perform... High Unreviewed
CVE-2024-51381 was published Nov 5, 2024
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2... Low Unreviewed
CVE-2024-36452 was published Jul 10, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 "/main/social/home.php,"... Moderate Unreviewed
CVE-2024-30617 was published Nov 4, 2024
The WooCommerce Report plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2024-10711 was published Nov 5, 2024
Cross-site request forgery (CSRF) vulnerability in multiple Alps System Integration products and... Moderate Unreviewed
CVE-2024-45504 was published Sep 10, 2024
Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery Moderate
CVE-2024-46872 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to... Moderate Unreviewed
CVE-2024-22721 was published Apr 11, 2024
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed
CVE-2024-26351 was published Feb 22, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component ... High Unreviewed
CVE-2024-35552 was published May 22, 2024
IBM CICS TX Standard 11.1 is vulnerable to cross-site request forgery which could allow an... Moderate Unreviewed
CVE-2024-41744 was published Nov 1, 2024
Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi... Moderate Unreviewed
CVE-2024-46911 was published Oct 14, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site... High Unreviewed
CVE-2024-43684 was published Oct 4, 2024
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been... Moderate Unreviewed
CVE-2024-10605 was published Nov 1, 2024
Cross-site request forgery vulnerability in FUJIFILM printers which implement CentreWare Internet... Moderate Unreviewed
CVE-2024-27974 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database