Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,133 advisories

Loading
The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,... High Unreviewed
CVE-2024-9990 was published Oct 29, 2024
A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the... Moderate Unreviewed
CVE-2024-6673 was published Oct 29, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn... High Unreviewed
CVE-2024-49672 was published Oct 29, 2024
Mattermost Server Path Traversal vulnerability that leads to Cross-Site Request Forgery Moderate
CVE-2024-46872 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank... Moderate Unreviewed
CVE-2024-10448 was published Oct 28, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin... Moderate Unreviewed
CVE-2024-48291 was published Oct 28, 2024
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Moderate Unreviewed
CVE-2024-48191 was published Oct 28, 2024
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... Critical Unreviewed
CVE-2022-30357 was published Oct 25, 2024
Content Censorship in the InterPlanetary File System (IPFS) via Kademlia DHT abuse Moderate
CVE-2023-26248 was published for github.com/libp2p/go-libp2p-kad-dht (Go) Oct 25, 2024
The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site... High Unreviewed
CVE-2024-9598 was published Oct 25, 2024
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF) High
CVE-2024-47879 was published for org.openrefine:main (Maven) Oct 24, 2024
wetneb
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed
CVE-2024-9943 was published Oct 24, 2024
The Transients Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-10045 was published Oct 23, 2024
Cross-site request forgery (CSRF) vulnerability in the My Account widget in Liferay Portal 7.4.3... High Unreviewed
CVE-2024-26271 was published Oct 22, 2024
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.4... High Unreviewed
CVE-2024-26273 was published Oct 22, 2024
Cross-site request forgery (CSRF) vulnerability in the content page editor in Liferay Portal 7.3... High Unreviewed
CVE-2024-26272 was published Oct 22, 2024
The Script Console in Liferay Portal 7.0.0 through 7.4.3.101, and Liferay DXP 2023.Q3.1 through... Critical Unreviewed
CVE-2024-8980 was published Oct 22, 2024
The Category and Taxonomy Meta Fields plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-9588 was published Oct 22, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request... Moderate Unreviewed
CVE-2024-43945 was published Oct 21, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus allows... Moderate Unreviewed
CVE-2024-49250 was published Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind... High Unreviewed
CVE-2024-49615 was published Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind... High Unreviewed
CVE-2024-49617 was published Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross... Moderate Unreviewed
CVE-2024-49274 was published Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site... Moderate Unreviewed
CVE-2024-49272 was published Oct 20, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site... Moderate Unreviewed
CVE-2024-49275 was published Oct 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database