Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,977 advisories

Loading
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2024-20934 was published Jan 17, 2024
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal... Moderate Unreviewed
CVE-2024-20944 was published Jan 17, 2024
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply... Moderate Unreviewed
CVE-2024-20942 was published Jan 17, 2024
The Product Enquiry for WooCommerce WordPress plugin before 3.1 does not have a CSRF check in... Moderate Unreviewed
CVE-2023-6625 was published Jan 22, 2024
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5,... High Unreviewed
CVE-2024-4994 was published Jun 20, 2025
The User registration & user profile WordPress plugin through 2.0 does not have CSRF check in... Moderate Unreviewed
CVE-2023-0824 was published Jan 16, 2024
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component:... Moderate Unreviewed
CVE-2024-20940 was published Jan 17, 2024
The WordPress Users WordPress plugin through 1.4 does not have CSRF check in place when updating... High Unreviewed
CVE-2023-6390 was published Jan 29, 2024
A vulnerability was found in SourceCodester Gym Management System 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-6476 was published Jun 23, 2025
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-6478 was published Jun 23, 2025
Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If... Moderate Unreviewed
CVE-2025-48497 was published Jun 26, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open Social allows Cross Site Request... High Unreviewed
CVE-2025-48921 was published Jun 26, 2025
A vulnerability, which was classified as problematic, was found in CodeAstro Patient Record... Moderate Unreviewed
CVE-2025-6664 was published Jun 26, 2025
The Homerunner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-5932 was published Jun 26, 2025
The VR Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions... Moderate Unreviewed
CVE-2025-5936 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in cookiebot Cookiebot allows Cross Site Request... Moderate Unreviewed
CVE-2025-53197 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Writesonic Writesonic allows Cross Site... Moderate Unreviewed
CVE-2025-53262 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in macbookandrew WP YouTube Live allows Cross... Moderate Unreviewed
CVE-2025-53261 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in PluginsCafe Address Autocomplete via Google... Moderate Unreviewed
CVE-2025-53263 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Konrád Koller ONet Regenerate Thumbnails... Moderate Unreviewed
CVE-2025-53264 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Anton Bond Additional Order Filters for... High Unreviewed
CVE-2025-53271 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ryanpcmcquen Import external attachments... Moderate Unreviewed
CVE-2025-53268 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Burst Statistics B.V. Burst Statistics allows... Moderate Unreviewed
CVE-2025-53193 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in EDGARROJAS WooCommerce PDF Invoice Builder... Moderate Unreviewed
CVE-2025-53203 was published Jun 27, 2025
Cross-Site Request Forgery (CSRF) vulnerability in webcraftic Cyrlitera allows Cross Site Request... Moderate Unreviewed
CVE-2025-53254 was published Jun 27, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database