GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,851
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,494
Maven 5,932
npm 4,129
NuGet 735
pip 3,944
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,474

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,977 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

MLflow Cross-Site Request Forgery (CSRF) vulnerability Moderate

CVE-2025-1473 was published for mlflow (pip) Mar 20, 2025

A Cross-Site Request Forgery (CSRF) in Elgato's Key Lights and related light products allows an... Moderate Unreviewed

CVE-2025-7202 was published Aug 6, 2025

Teedy through 1.11 allows CSRF for account takeover via POST /api/user/admin. High Unreviewed

CVE-2025-22963 was published Jan 13, 2025

Liferay Portal and Liferay DXP Vulnerable to CSRF via the Layout Module High

CVE-2023-35030 was published for com.liferay.portal:release.dxp.bom (Maven) Jun 15, 2023

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This... Moderate Unreviewed

CVE-2025-8739 was published Aug 8, 2025

Cross-Site Request Forgery (CSRF) vulnerability in WP Compress WP Compress – Image Optimizer [All... Moderate Unreviewed

CVE-2024-32106 was published Apr 11, 2024

A vulnerability was found in atjiu pybbs up to 6.0.0 and classified as problematic. This issue... Moderate Unreviewed

CVE-2025-8814 was published Aug 10, 2025

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and... High Unreviewed

CVE-2025-49555 was published Aug 12, 2025

The Easy restaurant menu manager plugin for WordPress is vulnerable to Cross-Site Request Forgery... Moderate Unreviewed

CVE-2025-8491 was published Aug 13, 2025

Cross-Site Request Forgery (CSRF) vulnerability in tosend.it Simple Poll allows Stored XSS. This... High Unreviewed

CVE-2025-49044 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify allows Cross Site Request... Moderate Unreviewed

CVE-2025-54673 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik allows Cross Site Request... Moderate Unreviewed

CVE-2025-54671 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Prince Integrate Google Drive allows Cross... Moderate Unreviewed

CVE-2025-54703 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Jordy Meow Photo Engine allows Cross Site... Moderate Unreviewed

CVE-2025-54672 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in mklacroix Product Configurator for WooCommerce... Moderate Unreviewed

CVE-2025-54674 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH WooCommerce Popup allows Cross... Moderate Unreviewed

CVE-2025-54675 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Connector for Gravity Forms and... Moderate Unreviewed

CVE-2025-54682 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Block allows Cross Site... Moderate Unreviewed

CVE-2025-54694 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in motov.net Ebook Store allows Cross Site... Moderate Unreviewed

CVE-2025-54702 was published Aug 14, 2025

The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site Request Forgery (CSRF) on its... High Unreviewed

CVE-2024-53946 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-social-gallery allows Cross... Moderate Unreviewed

CVE-2025-52769 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation... High Unreviewed

CVE-2025-52765 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation... Moderate Unreviewed

CVE-2025-52767 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium allows Cross Site Request... Moderate Unreviewed

CVE-2025-53347 was published Aug 14, 2025

Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM – Premium Packages allows Cross... Moderate Unreviewed

CVE-2025-54732 was published Aug 14, 2025

Previous 1…314…320 Next

Previous 1 2 … 312 313 314 315 316 … 319 320 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,977 advisories