GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,935 advisories

Cross-Site Request Forgery (CSRF) vulnerability in Mukesh Dak MD Custom content after or before...
High | Unreviewed | CVE-2025-23463 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in X Villamuera Visit Site Link enhanced allows...
High | Unreviewed | CVE-2025-23470 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Oren Yomtov Mass Custom Fields Manager allows...
High | Unreviewed | CVE-2025-23430 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Brian Novotny – Creative Software Design...
High | Unreviewed | CVE-2025-23424 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in David Marcucci Password Protect Plugin for...
High | Unreviewed | CVE-2025-23435 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Capa Wp-Scribd-List allows Stored XSS. This...
High | Unreviewed | CVE-2025-23436 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Wizcrew Technologies go Social allows Stored...
High | Unreviewed | CVE-2025-23426 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in matias s Shockingly Big IE6 Warning allows...
High | Unreviewed | CVE-2025-23442 was published Jan 16, 2025

The WP User Profile Avatar plugin for WordPress is vulnerable to Cross-Site Request Forgery in...
Moderate | Unreviewed | CVE-2024-10789 was published Jan 16, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Johan Ström Background Control allows Path...
High | Unreviewed | CVE-2025-22784 was published Jan 15, 2025

Cross-Site Request Forgery (CSRF) vulnerability in silverplugins217 Build Private Store For...
Moderate | Unreviewed | CVE-2025-22731 was published Jan 15, 2025

Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An...
High | Unreviewed | CVE-2024-50858 was published Jan 15, 2025

Active Directory Federation Server Spoofing Vulnerability
Moderate | Unreviewed | CVE-2025-21193 was published Jan 14, 2025

A vulnerability has been identified in SIMATIC S7-1200 CPU 1211C AC/DC/Rly (6ES7211-1BE40-0XB0),...
High | Unreviewed | CVE-2024-47100 was published Jan 14, 2025

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request...
Moderate | Unreviewed | CVE-2025-0393 was published Jan 14, 2025

The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Cross-Site...
Moderate | Unreviewed | CVE-2024-13348 was published Jan 14, 2025

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin.
High | Unreviewed | CVE-2025-22963 was published Jan 13, 2025

An issue was discovered in REDCap 14.9.6. It has an action=myprojects&logout=1 CSRF issue in the...
Low | Unreviewed | CVE-2025-23113 was published Jan 11, 2025

Websites managed by MegaBIP in versions below 5.15 are vulnerable to Cross-Site Request Forgery ...
High | Unreviewed | CVE-2024-6662 was published Jan 10, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Minify JS allows Cross Site Request...
Moderate | Unreviewed | CVE-2024-13304 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate queue importer allows Cross...
High | Unreviewed | CVE-2024-13260 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Gutenberg allows Cross Site Request...
High | Unreviewed | CVE-2024-13284 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal POST File allows Cross Site Request...
Low | Unreviewed | CVE-2024-13293 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Acquia DAM allows Cross Site Request...
Low | Unreviewed | CVE-2024-13261 was published Jan 9, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Drupal Migrate Tools allows Cross Site Request...
High | Unreviewed | CVE-2024-13244 was published Jan 9, 2025

ProTip! Advisories are also available from the GraphQL API.