Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,626 advisories

Loading
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Sticky Buttons allows Cross Site... Moderate Unreviewed
CVE-2025-24720 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in G5Theme Essential Real Estate allows Cross... Moderate Unreviewed
CVE-2025-24698 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Attire Attire Blocks allows Cross Site... Moderate Unreviewed
CVE-2025-24696 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Counter Box allows Cross Site... Moderate Unreviewed
CVE-2025-24715 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite allows Cross Site... Moderate Unreviewed
CVE-2025-24724 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows... Moderate Unreviewed
CVE-2025-24568 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Really Simple Security Really Simple SSL... Moderate Unreviewed
CVE-2025-24623 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in datafeedr.com WooCommerce Cloak Affiliate... Moderate Unreviewed
CVE-2025-24647 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PickPlugins Job Board Manager allows Cross... Moderate Unreviewed
CVE-2025-24622 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance... Moderate Unreviewed
CVE-2025-24543 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross... Moderate Unreviewed
CVE-2025-24572 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance... Moderate Unreviewed
CVE-2025-24546 was published Jan 24, 2025
The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable to Cross-Site Request... Moderate Unreviewed
CVE-2024-13683 was published Jan 24, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21513 was published Jan 21, 2025
Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2025-21489 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21507 was published Jan 21, 2025
The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,... Moderate Unreviewed
CVE-2024-13511 was published Jan 23, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21538 was published Jan 21, 2025
CSRF vulnerability in Jenkins Azure Service Fabric Plugin Moderate
CVE-2025-24402 was published for org.jenkins-ci.plugins:service-fabric (Maven) Jan 22, 2025
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net... Moderate Unreviewed
CVE-2024-57160 was published Jan 16, 2025
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net... Moderate Unreviewed
CVE-2024-57161 was published Jan 16, 2025
A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user... Moderate Unreviewed
CVE-2024-54792 was published Jan 21, 2025
Cross-Site Request Forgery (CSRF) vulnerability in anyroad.com AnyRoad allows Cross Site Request... Moderate Unreviewed
CVE-2025-23996 was published Jan 21, 2025
Cross-Site Request Forgery (CSRF) in strawberry-graphql Moderate
CVE-2024-47082 was published for strawberry-graphql (pip) Sep 25, 2024
DoctorJohn graingert
Speedy1991
The wp-greet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up... Moderate Unreviewed
CVE-2024-13444 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database