GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,511 advisories
Filter by severity
An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the...
Low
Unreviewed
CVE-2025-23113
was published
Jan 11, 2025
Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery ...
High
Unreviewed
CVE-2024-6662
was published
Jan 10, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request...
Moderate
Unreviewed
CVE-2024-13304
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross...
High
Unreviewed
CVE-2024-13260
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request...
High
Unreviewed
CVE-2024-13284
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request...
Low
Unreviewed
CVE-2024-13293
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia DAM allows Cross Site Request...
Low
Unreviewed
CVE-2024-13261
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request...
High
Unreviewed
CVE-2024-13244
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Drupal Symfony Mailer Lite allows Cross...
High
Unreviewed
CVE-2024-13250
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross...
High
Unreviewed
CVE-2025-22814
was published
Jan 9, 2025
The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3,...
Moderate
Unreviewed
CVE-2024-12605
was published
Jan 9, 2025
The Action Network plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
Moderate
Unreviewed
CVE-2024-12394
was published
Jan 9, 2025
The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross...
Moderate
Unreviewed
CVE-2024-12218
was published
Jan 9, 2025
The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Cross-Site...
Moderate
Unreviewed
CVE-2024-12206
was published
Jan 9, 2025
A vulnerability was found in kurniaramadhan E-Commerce-PHP 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2024-13203
was published
Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in bozdoz Quote Tweet allows Stored XSS.This...
High
Unreviewed
CVE-2025-22589
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Noel Jarencio. Smoothness Slider Shortcode...
High
Unreviewed
CVE-2025-22555
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mario Mansour and Geoff Peters TubePress.NET...
High
Unreviewed
CVE-2025-22559
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Faaiq Pretty Url allows Cross Site Request...
Moderate
Unreviewed
CVE-2025-22563
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jason Funk Title Experiments Free allows Cross...
Moderate
Unreviewed
CVE-2025-22562
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Greg Whitehead Norse Rune Oracle Plugin allows...
High
Unreviewed
CVE-2025-22556
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Instabot Instabot allows Cross Site Request...
High
Unreviewed
CVE-2025-22571
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WPMagic News Publisher Autopilot allows Cross...
High
Unreviewed
CVE-2025-22557
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate...
High
Unreviewed
CVE-2025-22552
was published
Jan 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Prayer Times Anywhere allows Stored...
High
Unreviewed
CVE-2025-22590
was published
Jan 7, 2025
ProTip!
Advisories are also available from the
GraphQL API