GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,560 advisories
A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3...
Moderate | Unreviewed | CVE-2025-48740 was published May 23, 2025

The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is...
Moderate | Unreviewed | CVE-2025-0522 was published Feb 6, 2025

Cross-Site Request Forgery (CSRF) vulnerability in x000x occupancyplan allows SQL Injection. This...
High | Unreviewed | CVE-2025-46458 was published May 23, 2025

The Bitcoin / Altcoin Faucet WordPress plugin through 1.6.0 does not have any CSRF check when...
Moderate | Unreviewed | CVE-2022-3025 was published Sep 27, 2022

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the...
High | Unreviewed | CVE-2021-24890 was published Sep 27, 2022

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0...
Moderate | Unreviewed | CVE-2025-1362 was published Mar 9, 2025

The Contact Us By Lord Linus WordPress plugin through 2.6 does not have CSRF check in some places...
Moderate | Unreviewed | CVE-2025-1382 was published Mar 9, 2025

Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a...
Moderate | Unreviewed | CVE-2022-3057 was published Sep 27, 2022

A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this...
Moderate | Unreviewed | CVE-2025-5033 was published May 21, 2025

TYPO3 Scheduler Module vulnerable to Cross-Site Request Forgery
High | CVE-2024-55924 was published for typo3/cms-scheduler (Composer) Jan 14, 2025

TYPO3 DB Check Module vulnerable to Cross-Site Request Forgery
Moderate | CVE-2024-55945 was published for typo3/cms-lowlevel (Composer) Jan 14, 2025

TYPO3 Cross-Site Request Forgery in Dashboard Module
Moderate | CVE-2024-55920 was published for typo3/cms-dashboard (Composer) Jan 14, 2025

TYPO3 Extension Manager Module vulnerable to Cross-Site Request Forgery
High | CVE-2024-55921 was published for typo3/cms-extensionmanager (Composer) Jan 14, 2025

TYPO3 Form Framework Module vulnerable to Cross-Site Request Forgery
Moderate | CVE-2024-55922 was published for typo3/cms-form (Composer) Jan 14, 2025

TYPO3 Indexed Search Module vulnerable to Cross-Site Request Forgery
Moderate | CVE-2024-55923 was published for typo3/cms-indexed-search (Composer) Jan 14, 2025

TYPO3 Cross-Site Request Forgery in Backend User Module
Moderate | CVE-2024-55894 was published for typo3/cms-beuser (Composer) Jan 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Enterprise MFA - TFA for Drupal allows...
High | Unreviewed | CVE-2025-47708 was published May 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Restrict route by IP allows Cross Site...
High | Unreviewed | CVE-2025-47701 was published May 14, 2025

A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to...
Moderate | Unreviewed | CVE-2019-0996 was published May 24, 2022

TYPO3 Cross-Site Request Forgery in Log Module
Moderate | CVE-2024-55893 was published for typo3/cms-belog (Composer) Jan 14, 2025

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Request Forgery ...
Moderate | Unreviewed | CVE-2025-44185 was published May 15, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Danny Vink User Profile Meta Manager allows...
Critical | Unreviewed | CVE-2025-48340 was published May 19, 2025

SourceCodester Best Employee Management System 1.0 is vulnerable to Cross Site Request Forgery ...
Moderate | Unreviewed | CVE-2025-44186 was published May 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ktsvetkov allows Cross Site Request Forgery...
Moderate | Unreviewed | CVE-2025-43835 was published May 19, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ref CheckBot allows Stored XSS. This issue...
High | Unreviewed | CVE-2025-43840 was published May 19, 2025

ProTip! Advisories are also available from the GraphQL API.