Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,099 advisories

Loading
A CSRF vulnerability in the gestione_utenti.php endpoint of HotelDruid 3.0.7 allows attackers to... High Unreviewed
CVE-2025-25748 was published Mar 11, 2025
Open WebUI Cross-Site Request Forgery (CSRF) Vulnerability High
CVE-2024-7806 was published for open-webui (pip) Mar 20, 2025
The Wow Skype Buttons WordPress plugin before 4.0.4 does not have CSRF checks in some bulk... High Unreviewed
CVE-2024-3474 was published May 2, 2024
DB-GPT vulnerable to Cross-Site Request Forgery High
CVE-2024-10906 was published for dbgpt (pip) Mar 20, 2025
FlatPress CMS version latest is vulnerable to Cross-Site Request Forgery (CSRF) attacks that... High Unreviewed
CVE-2024-9847 was published Mar 20, 2025
A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server,... High Unreviewed
CVE-2024-8489 was published Mar 20, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in the backend API of netease-youdao... High Unreviewed
CVE-2024-8026 was published Mar 20, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in version v1.4.1 of danswer-ai/danswer allows... High Unreviewed
CVE-2024-8065 was published Mar 20, 2025
aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the... High Unreviewed
CVE-2024-7760 was published Mar 20, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic... High Unreviewed
CVE-2024-10819 was published Mar 20, 2025
Missing Authorization vulnerability in Podlove Podlove Podcast Publisher.This issue affects... High Unreviewed
CVE-2024-32712 was published May 14, 2024
The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable... High Unreviewed
CVE-2024-13933 was published Mar 19, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows... High Unreviewed
CVE-2024-21752 was published Feb 29, 2024
The LoginPress | wp-login Custom Login Page Customizer plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-1764 was published Mar 14, 2025
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Cross... High Unreviewed
CVE-2024-13913 was published Mar 14, 2025
A race condition was addressed with additional validation. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2024-40815 was published Jul 30, 2024
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack High
CVE-2015-7537 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack High
CVE-2015-7538 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion... High Unreviewed
CVE-2020-36836 was published Oct 16, 2024
A cross-site request forgery vulnerability exists in Sola Testimonials versions prior to 3.0.0.... High Unreviewed
CVE-2024-38345 was published Jul 4, 2024
Cross-site request forgery (CSRF) vulnerability exists in Ninja Forms prior to 3.4.31. If a... High Unreviewed
CVE-2024-25572 was published Apr 11, 2024
A Cross-Site Request Forgery (CSRF) in the component /admin/users/user.form of Openmrs 2.4.3... High Unreviewed
CVE-2025-25928 was published Mar 11, 2025
tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /user... High Unreviewed
CVE-2025-27910 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Hieu Nguyen WATI Chat and Notification allows... High Unreviewed
CVE-2025-28925 was published Mar 11, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PPDPurveyor Google News Editors Picks Feed... High Unreviewed
CVE-2025-28860 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database