Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,731
Maven
5,000+
npm
4,332
NuGet
763
pip
4,109
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

97 advisories

Loading
OvalEdge 5.2.8.0 and earlier is affected by an Account Takeover vulnerability via a POST request... Critical Unreviewed
CVE-2022-30357 was published Oct 25, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Lukas Huser EKC Tournament Manager allows... Critical Unreviewed
CVE-2024-49674 was published Oct 31, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podlove Podcast Publisher allows Code... Critical Unreviewed
CVE-2024-43984 was published Oct 31, 2024
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the... Critical Unreviewed
CVE-2024-50966 was published Nov 8, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect... Critical Unreviewed
CVE-2024-52402 was published Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a... Critical Unreviewed
CVE-2024-52401 was published Nov 19, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection... Critical Unreviewed
CVE-2024-54372 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Ruben Garza, Jr. GitSync allows Code Injection... Critical Unreviewed
CVE-2024-54368 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows... Critical Unreviewed
CVE-2025-23797 was published Jan 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web... Critical Unreviewed
CVE-2025-23922 was published Jan 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Pearlbells Flash News / Post (Responsive)... Critical Unreviewed
CVE-2024-56012 was published Dec 16, 2024
Cross-Site Request Forgery (CSRF) vulnerability in MetricThemes Munk Sites allows Cross Site... Critical Unreviewed
CVE-2025-25101 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in FancyWP Starter Templates by FancyWP allows... Critical Unreviewed
CVE-2025-25106 was published Feb 7, 2025
Cross-Site Request Forgery (CSRF) vulnerability in sainwp OneStore Sites allows Cross Site... Critical Unreviewed
CVE-2025-25107 was published Feb 7, 2025
Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-25379 was published Mar 1, 2025
Cross Site Request Forgery vulnerability in sell done storefront v.1.0 allows a remote attacker... Critical Unreviewed
CVE-2025-26206 was published Mar 3, 2025
MailDev Remote Code Execution Critical
CVE-2024-27448 was published for maildev (npm) Apr 5, 2024
stypr
Credited to stypr
Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data... Critical Unreviewed
CVE-2024-55089 was published Dec 18, 2024
Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos allows SQL Injection.... Critical Unreviewed
CVE-2025-30528 was published Mar 24, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email... Critical Unreviewed
CVE-2025-30615 was published Mar 24, 2025
eladmin v2.7 and before is vulnerable to Server-Side Request Forgery (SSRF) which allows an... Critical Unreviewed
CVE-2024-44677 was published Sep 10, 2024
Cross-Site Request Forgery (CSRF) vulnerability in anantaddons Anant Addons for Elementor allows... Critical Unreviewed
CVE-2025-32641 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in appsbd Vite Coupon allows Remote Code... Critical Unreviewed
CVE-2025-32642 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Adam Nowak Buddypress Humanity allows Cross... Critical Unreviewed
CVE-2025-31033 was published Apr 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Uncodethemes Ultra Demo Importer allows Upload... Critical Unreviewed
CVE-2025-32496 was published Apr 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database