GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,983 advisories
Cross-Site Request Forgery (CSRF) vulnerability in Alessandro Piconi - SabLab Internal Link...
High | Unreviewed | CVE-2025-23989 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mahbubur Rahman Post Meta allows Reflected XSS...
High | Unreviewed | CVE-2025-24549 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in jablonczay Scroll Styler. This issue affects...
High | Unreviewed | CVE-2025-23990 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Overt Software Solutions LTD EZPZ SAML SP...
High | Unreviewed | CVE-2025-24749 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Post Carousel Slider allows...
High | Unreviewed | CVE-2025-23977 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Pedro Marcelo Issuu Panel allows Stored XSS....
High | Unreviewed | CVE-2025-23976 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in James Andrews Full Circle allows Stored XSS....
High | Unreviewed | CVE-2025-23980 was published Jan 31, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Ninos Ego FlashCounter allows Stored XSS. This...
High | Unreviewed | CVE-2025-23978 was published Jan 31, 2025
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to...
High | Unreviewed | CVE-2024-13720 was published Jan 30, 2025
The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all...
High | Unreviewed | CVE-2024-13707 was published Jan 30, 2025
Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF...
High | Unreviewed | CVE-2024-54851 was published Jan 30, 2025
Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to...
High | Unreviewed | CVE-2024-57373 was published Jan 28, 2025
In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does...
High | Unreviewed | CVE-2024-48418 was published Jan 27, 2025
The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site...
High | Unreviewed | CVE-2024-11641 was published Jan 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in mgplugin Roi Calculator allows Stored XSS....
High | Unreviewed | CVE-2025-24756 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Laymance Technologies LLC MachForm Shortcode...
High | Unreviewed | CVE-2025-24636 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ReviewsTap ReviewsTap allows Stored XSS. This...
High | Unreviewed | CVE-2025-24561 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows...
High | Unreviewed | CVE-2025-24555 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS....
High | Unreviewed | CVE-2025-24562 was published Jan 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows...
High | Unreviewed | CVE-2025-22768 was published Jan 23, 2025
A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0...
High | Unreviewed | CVE-2024-56924 was published Jan 22, 2025
Bitbucket Server Integration Plugin allows bypassing CSRF protection for any URL
High | CVE-2025-24398 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Jan 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue...
High | Unreviewed | CVE-2025-23803 was published Jan 22, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows...
High | Unreviewed | CVE-2025-23806 was published Jan 22, 2025
Cross-Site Request Forgery in CodeChecker API
High | CVE-2024-53829 was published for codechecker (pip) Jan 21, 2025