GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,472
Erlang: 33
GitHub Actions: 24
Go: 2,187
Maven: 5,000+
npm: 3,841
NuGet: 696
pip: 3,609
Pub: 12
RubyGems: 911
Rust: 910
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6,266 advisories

The Wow Skype Buttons WordPress plugin before 4.0.4 does not have CSRF checks in some bulk...
High | Unreviewed | CVE-2024-3474 was published May 2, 2024

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request...
Moderate | Unreviewed | CVE-2024-1719 was published Feb 28, 2024

An issue was discovered in Shopxian CMS 3.0.0. There is a CSRF vulnerability that can delete the...
Moderate | Unreviewed | CVE-2022-38329 was published Sep 14, 2022

The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site...
Moderate | Unreviewed | CVE-2015-10130 was published Mar 13, 2024

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFuse Unyson. This issue affects Unyson:...
Moderate | Unreviewed | CVE-2024-34814 was published May 14, 2024

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of mlflow/mlflow...
Moderate | Unreviewed | CVE-2025-1473 was published Mar 20, 2025

A vulnerability in modelscope/agentscope, specifically in the AgentScope Studio backend server,...
High | Unreviewed | CVE-2024-8489 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in polyaxon/polyaxon v2.4.0 allows attackers to...
Moderate | Unreviewed | CVE-2024-9365 was published Mar 20, 2025

FlatPress CMS version latest is vulnerable to Cross-Site Request Forgery (CSRF) attacks that...
High | Unreviewed | CVE-2024-9847 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability exists in the backend API of netease-youdao...
High | Unreviewed | CVE-2024-8026 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in version v1.4.1 of danswer-ai/danswer allows...
High | Unreviewed | CVE-2024-8065 was published Mar 20, 2025

In version v0.3.8 of open-webui/open-webui, sensitive actions such as deleting and resetting are...
Moderate | Unreviewed | CVE-2024-7035 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in haotian-liu/llava v1.2.0 (LLaVA-1.6) allows...
Moderate | Unreviewed | CVE-2024-9311 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability exists in the latest commit ...
Moderate | Unreviewed | CVE-2024-6841 was published Mar 20, 2025

aimhubio/aim version 3.22.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the...
High | Unreviewed | CVE-2024-7760 was published Mar 20, 2025

A Cross-Site Request Forgery (CSRF) vulnerability in version 3.83 of binary-husky/gpt_academic...
High | Unreviewed | CVE-2024-10819 was published Mar 20, 2025

A CSRF vulnerability exists in comfyanonymous/comfyui versions up to v0.2.2. This vulnerability...
Moderate | Unreviewed | CVE-2024-10481 was published Mar 20, 2025

The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-1314 was published Mar 20, 2025

Cross Site Request Forgery vulnerability in Open Panel OpenAdmin v.0.3.4 allows a remote attacker...
Moderate | Unreviewed | CVE-2025-25873 was published Mar 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in VeronaLabs WP SMS. This issue affects WP SMS:...
Moderate | Unreviewed | CVE-2024-30454 was published Mar 29, 2024

Missing Authorization vulnerability in Podlove Podlove Podcast Publisher. This issue affects...
High | Unreviewed | CVE-2024-32712 was published May 14, 2024

The FoodBakery | Delivery Restaurant Directory WordPress Theme theme for WordPress is vulnerable...
High | Unreviewed | CVE-2024-13933 was published Mar 19, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ernest Marcinko Ajax Search Lite allows...
High | Unreviewed | CVE-2024-21752 was published Feb 29, 2024

Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data...
Critical | Unreviewed | CVE-2024-55089 was published Dec 18, 2024

A vulnerability classified as problematic was found in 猫宁i Morning up to...
Moderate | Unreviewed | CVE-2025-2420 was published Mar 18, 2025

ProTip! Advisories are also available from the GraphQL API.