GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,246
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
5,980 advisories
Filter by severity
Cross Site Request Forgery vulnerability in Spina CMS v.2.18.0 and before allows a remote...
High
Unreviewed
CVE-2024-41602
was published
Jul 19, 2024
Spina CMS v2.18.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...
Critical
Unreviewed
CVE-2024-41603
was published
Jul 19, 2024
The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows...
Moderate
Unreviewed
CVE-2024-39090
was published
Jul 18, 2024
Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross...
High
Unreviewed
CVE-2024-40119
was published
Jul 17, 2024
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations...
Moderate
Unreviewed
CVE-2024-5815
was published
Jul 17, 2024
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some...
High
Unreviewed
CVE-2024-6075
was published
Jul 15, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ali2Woo Team Ali2Woo Lite allows Cross-Site...
High
Unreviewed
CVE-2024-37213
was published
Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows...
High
Unreviewed
CVE-2024-35773
was published
Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Seraphinite Solutions Seraphinite Accelerator ...
High
Unreviewed
CVE-2024-37940
was published
Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop SociallyViral.This issue affects...
Moderate
Unreviewed
CVE-2024-37938
was published
Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Lite.This issue affects...
Moderate
Unreviewed
CVE-2024-37939
was published
Jul 12, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Internal Link Juicer Internal Link Juicer: SEO...
Moderate
Unreviewed
CVE-2024-37941
was published
Jul 12, 2024
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when updating...
High
Unreviewed
CVE-2024-6022
was published
Jul 12, 2024
The ContentLock WordPress plugin through 1.0.3 does not have CSRF check in place when adding...
High
Unreviewed
CVE-2024-6023
was published
Jul 12, 2024
The VikRentCar Car Rental Management System WordPress plugin before 1.3.2 does not have CSRF...
High
Unreviewed
CVE-2024-1845
was published
Jul 11, 2024
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1...
Moderate
Unreviewed
CVE-2024-6649
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40331
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40329
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40334
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40332
was published
Jul 10, 2024
Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL)...
High
Unreviewed
CVE-2024-28828
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
Moderate
Unreviewed
CVE-2024-40328
was published
Jul 10, 2024
Insecure handling of GET header parameter file included in requests being sent to an instance of...
High
Unreviewed
CVE-2024-3798
was published
Jul 10, 2024
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High
Unreviewed
CVE-2024-40039
was published
Jul 9, 2024
Lime Survey <= 6.5.12 is vulnerable to Cross Site Request Forgery (CSRF). The YII_CSRF_TOKEN is...
High
Unreviewed
CVE-2024-39063
was published
Jul 9, 2024
ProTip!
Advisories are also available from the
GraphQL API