GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,725 advisories

Cross-Site Request Forgery in CodeChecker API
High | CVE-2024-53829 was published for codechecker (pip) Jan 21, 2025

The Digits plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to,...
High | Unreviewed | CVE-2024-0203 was published Mar 7, 2024

A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user...
Moderate | Unreviewed | CVE-2024-54792 was published Jan 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFarmer Ultimate Subscribe allows...
High | Unreviewed | CVE-2025-23806 was published Jan 22, 2025

Cross-Site Request Forgery (CSRF) vulnerability in PQINA Snippy allows Reflected XSS. This issue...
High | Unreviewed | CVE-2025-23803 was published Jan 22, 2025

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net...
Moderate | Unreviewed | CVE-2024-57160 was published Jan 16, 2025

07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net...
Moderate | Unreviewed | CVE-2024-57161 was published Jan 16, 2025

The Bulgarisation for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request...
High | Unreviewed | CVE-2024-2395 was published Mar 13, 2024

Bitbucket Server Integration Plugin allows bypassing CSRF protection for any URL
High | CVE-2025-24398 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Jan 22, 2025

CSRF vulnerability in Jenkins Azure Service Fabric Plugin
Moderate | CVE-2025-24402 was published for org.jenkins-ci.plugins:service-fabric (Maven) Jan 22, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate | Unreviewed | CVE-2025-21538 was published Jan 21, 2025

The Variation Swatches for WooCommerce plugin, in all versions starting at 1.0.8 up until 1.3.2,...
Moderate | Unreviewed | CVE-2024-13511 was published Jan 23, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate | Unreviewed | CVE-2025-21507 was published Jan 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Qwerty23 Rocket Media Library Mime Type allows...
High | Unreviewed | CVE-2025-22768 was published Jan 23, 2025

A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0...
High | Unreviewed | CVE-2024-56924 was published Jan 22, 2025

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite ...
Moderate | Unreviewed | CVE-2025-21489 was published Jan 21, 2025

Cross-Site Request Forgery in moodle
High | CVE-2024-25982 was published for moodle/moodle (Composer) Feb 19, 2024

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate | Unreviewed | CVE-2025-21513 was published Jan 21, 2025

The Automate Hub Free by Sperse.IO plugin for WordPress is vulnerable to Cross-Site Request...
Moderate | Unreviewed | CVE-2024-13683 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance...
Moderate | Unreviewed | CVE-2025-24546 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in SubscriptionDNA.com Subscription DNA allows...
High | Unreviewed | CVE-2025-24555 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross...
Moderate | Unreviewed | CVE-2025-24572 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Brainstorm Force Starter Templates allows...
Moderate | Unreviewed | CVE-2025-24568 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in RSTheme Ultimate Coming Soon & Maintenance...
Moderate | Unreviewed | CVE-2025-24543 was published Jan 24, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Optimal Access Inc. KBucket allows Stored XSS....
High | Unreviewed | CVE-2025-24562 was published Jan 24, 2025