Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,524 advisories

Loading
Grocy through 4.3.0 has no CSRF protection, as demonstrated by changing the Administrator's... High Unreviewed
CVE-2024-55076 was published Jan 6, 2025
The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... Moderate Unreviewed
CVE-2024-12279 was published Jan 4, 2025
The Scratch & Win – Giveaways and Contests. Boost subscribers, traffic, repeat visits, referrals... Moderate Unreviewed
CVE-2024-12545 was published Jan 4, 2025
Cross-Site Request Forgery (CSRF) vulnerability in FS-code FS Poster allows Cross Site Request... Moderate Unreviewed
CVE-2024-37237 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Blog allows Cross Site... Moderate Unreviewed
CVE-2024-38732 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Creativthemes Point allows Cross Site Request... Moderate Unreviewed
CVE-2024-37931 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross... Moderate Unreviewed
CVE-2024-37925 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze allows Cross Site Request... Moderate Unreviewed
CVE-2024-38731 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop Schema Lite allows Cross Site... Moderate Unreviewed
CVE-2024-37452 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager - Resume Manager... Moderate Unreviewed
CVE-2024-37241 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash... Moderate Unreviewed
CVE-2024-37438 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro allows Authentication... High Unreviewed
CVE-2024-39623 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search.This issue... Moderate Unreviewed
CVE-2024-38778 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This... Moderate Unreviewed
CVE-2024-38764 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Elegant Pink allows Cross Site... Moderate Unreviewed
CVE-2024-37426 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Bard allows Cross Site Request... Moderate Unreviewed
CVE-2024-37490 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Preschool and Kindergarten allows... Moderate Unreviewed
CVE-2024-37413 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Labib Ahmed Animated Rotating Words allows... Moderate Unreviewed
CVE-2024-38753 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Themes4WP Popularis Verse allows Cross Site... Moderate Unreviewed
CVE-2024-38763 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Automattic Newspack Newsletters allows Cross... Moderate Unreviewed
CVE-2024-37242 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Lawyer Landing Page allows Cross... Moderate Unreviewed
CVE-2024-37503 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Freelancelot Oceanic allows Cross Site Request... Moderate Unreviewed
CVE-2024-38765 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Till Krüss Email Address Encoder allows Cross... Moderate Unreviewed
CVE-2024-43927 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf allows... Moderate Unreviewed
CVE-2024-56251 was published Jan 2, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Matomo Matomo Analytics allows Cross Site... Moderate Unreviewed
CVE-2024-38766 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database