Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,472
Erlang
33
GitHub Actions
24
Go
2,195
Maven
5,000+
npm
3,841
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
910
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,748 advisories

Loading
The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress... Moderate Unreviewed
CVE-2024-13768 was published Mar 22, 2025
The CITS Support svg, webp Media and TTF,OTF File Upload, Use Custom Fonts plugin for WordPress... Moderate Unreviewed
CVE-2025-0807 was published Mar 22, 2025
MLflow Cross-Site Request Forgery (CSRF) vulnerability Moderate
CVE-2025-1473 was published for mlflow (pip) Mar 20, 2025
Open WebUI Vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2024-7035 was published for open-webui (pip) Mar 20, 2025
The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-1719 was published Feb 28, 2024
An issue was discovered in Shopxian CMS 3.0.0. There is a CSRF vulnerability that can delete the... Moderate Unreviewed
CVE-2022-38329 was published Sep 14, 2022
The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site... Moderate Unreviewed
CVE-2015-10130 was published Mar 13, 2024
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson.This issue affects Unyson:... Moderate Unreviewed
CVE-2024-34814 was published May 14, 2024
A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to... Moderate Unreviewed
CVE-2024-9365 was published Mar 20, 2025
A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows... Moderate Unreviewed
CVE-2024-9311 was published Mar 20, 2025
A Cross-Site Request Forgery (CSRF) vulnerability exists in the latest commit ... Moderate Unreviewed
CVE-2024-6841 was published Mar 20, 2025
A CSRF vulnerability exists in comfyanonymous/comfyui versions up to v0.2.2. This vulnerability... Moderate Unreviewed
CVE-2024-10481 was published Mar 20, 2025
The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-1314 was published Mar 20, 2025
Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker... Moderate Unreviewed
CVE-2025-25873 was published Mar 14, 2025
Cross-Site Request Forgery (CSRF) vulnerability in VeronaLabs WP SMS.This issue affects WP SMS:... Moderate Unreviewed
CVE-2024-30454 was published Mar 29, 2024
A vulnerability classified as problematic was found in 猫宁i Morning up to... Moderate Unreviewed
CVE-2025-2420 was published Mar 18, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing... Moderate Unreviewed
CVE-2025-26899 was published Mar 16, 2025
The Tripetto plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2025-1530 was published Mar 15, 2025
Retool (self-hosted enterprise) through 3.40.0 inserts resource authentication credentials into... Moderate Unreviewed
CVE-2024-42056 was published Aug 22, 2024
An exploitable CSRF vulnerability exists in Atlassian Jira, from versions 7.6.4 to 8.1.0. The... Moderate Unreviewed
CVE-2019-15002 was published Feb 11, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2024-21202 was published Oct 15, 2024
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the... Moderate Unreviewed
CVE-2024-28430 was published Mar 13, 2024
Vulnerability in the Oracle Financial Services Behavior Detection Platform product of Oracle... Moderate Unreviewed
CVE-2025-21550 was published Jan 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 HUSKY – Products Filter for... Moderate Unreviewed
CVE-2024-30462 was published Mar 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor... Moderate Unreviewed
CVE-2024-31430 was published Apr 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database