GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,656
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,310 advisories
The TEM Opera Plus FM Family Transmitter application interface allows users to perform certain...
High | Unreviewed | CVE-2024-41987 was published Oct 3, 2024

Certain switch models from PLANET Technology have a web application that is vulnerable to Cross...
High | Unreviewed | CVE-2024-8458 was published Sep 30, 2024

The Favicon Generator (CLOSED) WordPress plugin before 2.1 does not validate files to be uploaded...
High | Unreviewed | CVE-2024-7863 was published Sep 13, 2024

Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an...
High | Unreviewed | CVE-2024-28948 was published Sep 27, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2024-36670 was published Jun 5, 2024

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an...
High | Unreviewed | CVE-2024-20437 was published Sep 25, 2024

The BA Book Everything plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High | Unreviewed | CVE-2024-8795 was published Sep 24, 2024

FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/add
High | Unreviewed | CVE-2024-46394 was published Sep 19, 2024

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-46086 was published Sep 18, 2024

Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site...
High | Unreviewed | CVE-2024-44064 was published Sep 18, 2024

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-46085 was published Sep 17, 2024

FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-46362 was published Sep 17, 2024

The PropertyHive plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions...
High | Unreviewed | CVE-2024-8490 was published Sep 17, 2024

The Stream plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to...
High | Unreviewed | CVE-2024-7423 was published Sep 13, 2024

A Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management...
High | Unreviewed | CVE-2024-42557 was published Aug 20, 2024

Cross-site Request Forgery (CSRF) vulnerability in Lychee version 3.1.6, allows remote attackers...
High | Unreviewed | CVE-2024-25808 was published Mar 22, 2024

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src...
High | Unreviewed | CVE-2024-30965 was published Apr 2, 2024

Cross Site Request Forgery vulnerability in FlyCms v.1.0 allows a remote attacker to execute...
High | Unreviewed | CVE-2024-22939 was published Feb 29, 2024

A cross-site request forgery (CSRF) vulnerability in the admin panel in SkySystem Arfa-CMS before...
High | Unreviewed | CVE-2024-45264 was published Aug 27, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS. This...
High | Unreviewed | CVE-2024-43301 was published Aug 26, 2024

Cross-Site Request Forgery (CSRF) vulnerability in Stormhill Media MyBookTable Bookstore allows...
High | Unreviewed | CVE-2024-43255 was published Aug 26, 2024

Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to...
High | Unreviewed | CVE-2024-24469 was published Feb 5, 2024

Cross-site request forgery vulnerability exists in ELECOM wireless LAN routers. Viewing a...
High | Unreviewed | CVE-2024-40883 was published Aug 1, 2024

Leantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows...
High | Unreviewed | CVE-2024-27474 was published Apr 10, 2024

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via ...
High | Unreviewed | CVE-2024-42608 was published Aug 20, 2024
ProTip! Advisories are also available from the GraphQL API.